Date:14/12/18
According to We Live Security, the malware, which is hiding as a battery optimization tool distributed via third-party app stores, “combines the capabilities of a remotely controlled banking Trojan with a novel misuse of Android Accessibility services to target users of the official PayPal app.”
After being launched, the malware eventually asks for accessibility by asking the user to “enable statistics.” Once enabled, it will then send a notification asking the user to open up the official PayPal application, where the user will sign in normally. The Trojan is then able to use the accessibility service to copy the taps required to send money to a source, and immediately sends $1,000 to the cyber criminal’s PayPal address. The transfer will only fail if the user doesn’t have enough money in their PayPal account to cover the funds.
One positive, as 9to5Google points out, is that the malware is only accessible when downloaded from outside of Google Play. PayPal has also been notified of the issue, so it’s more than likely it will work on an update that stops it.
Last year, it was revealed that as many as 14 million Google Android devices were infected with malicious ransomware called CopyCat. Like this latest Trojan, the malware — which raised up to a million dollars — was housed in third-party app stores, not in Google Play.
At the time, Aaron Stein, a Google spokesperson, said Google Play Protect would protect phones against such malware, adding that “CopyCat is a variant of a broader malware family that we’ve been tracking since 2015. Each time a new variant appears, we update our detection systems to protect our users,” Stein said. “Play Protect secures users from the family, and any apps that may have been infected with CopyCat were not distributed via Play.”
New Android Malware Can Steal Money From PayPal
An Android Trojan virus has been discovered that has the ability to steal money from PayPal.According to We Live Security, the malware, which is hiding as a battery optimization tool distributed via third-party app stores, “combines the capabilities of a remotely controlled banking Trojan with a novel misuse of Android Accessibility services to target users of the official PayPal app.”
After being launched, the malware eventually asks for accessibility by asking the user to “enable statistics.” Once enabled, it will then send a notification asking the user to open up the official PayPal application, where the user will sign in normally. The Trojan is then able to use the accessibility service to copy the taps required to send money to a source, and immediately sends $1,000 to the cyber criminal’s PayPal address. The transfer will only fail if the user doesn’t have enough money in their PayPal account to cover the funds.
One positive, as 9to5Google points out, is that the malware is only accessible when downloaded from outside of Google Play. PayPal has also been notified of the issue, so it’s more than likely it will work on an update that stops it.
Last year, it was revealed that as many as 14 million Google Android devices were infected with malicious ransomware called CopyCat. Like this latest Trojan, the malware — which raised up to a million dollars — was housed in third-party app stores, not in Google Play.
At the time, Aaron Stein, a Google spokesperson, said Google Play Protect would protect phones against such malware, adding that “CopyCat is a variant of a broader malware family that we’ve been tracking since 2015. Each time a new variant appears, we update our detection systems to protect our users,” Stein said. “Play Protect secures users from the family, and any apps that may have been infected with CopyCat were not distributed via Play.”
Views: 497
©ictnews.az. All rights reserved.Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World