{"id":122007,"date":"2024-11-04T16:00:44","date_gmt":"2024-11-04T09:00:44","guid":{"rendered":"https:\/\/hotvideos24.online\/?p=122007"},"modified":"2024-11-04T16:00:44","modified_gmt":"2024-11-04T09:00:44","slug":"new-fakecall-malware-variant-hijacks-android-devices-for-fraudulent-banking-calls","status":"publish","type":"post","link":"https:\/\/hotvideos24.online\/?p=122007","title":{"rendered":"New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls"},"content":{"rendered":"<p> <script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3711241968723425\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-format=\"fluid\"\r\n     data-ad-layout-key=\"-fb+5w+4e-db+86\"\r\n     data-ad-client=\"ca-pub-3711241968723425\"\r\n     data-ad-slot=\"7910942971\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><br \/>\n<\/p>\n<div>\n<p><span class=\"p-author\"><i class=\"icon-font icon-calendar\">\ue802<\/i><span class=\"author\">Nov 04, 2024<\/span><i class=\"icon-font icon-user\">\ue804<\/i><span class=\"author\">Ravie Lakshmanan<\/span><\/span><span class=\"p-tags\">Mobile Security \/ Financial Fraud<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><a href=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgqzEsWJNnTBaPXtvLbn_-FjOaEFdVPon8PBV3lkkkuJIgORz7Pi61jIbDARg6oIXVg6m50d5Re3CEcH9b1CnyGwkSYngY-wTrmB4VsVB1jnaZQBet-4b3XNxeMd_31I1iK2jRLaoppdKQHE1iOobHzrTUzkCfdCEWfIk4EijLFA6CpZbZdUmKEm9tnT9l_\/s728-rw-e365\/mobile.png\" style=\"clear: left; display: block; float: left;  text-align: center;\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgqzEsWJNnTBaPXtvLbn_-FjOaEFdVPon8PBV3lkkkuJIgORz7Pi61jIbDARg6oIXVg6m50d5Re3CEcH9b1CnyGwkSYngY-wTrmB4VsVB1jnaZQBet-4b3XNxeMd_31I1iK2jRLaoppdKQHE1iOobHzrTUzkCfdCEWfIk4EijLFA6CpZbZdUmKEm9tnT9l_\/s728-rw-e365\/mobile.png\" alt=\"FakeCall Malware\" border=\"0\" data-original-height=\"380\" data-original-width=\"728\" title=\"FakeCall Malware\"\/><\/a><\/div>\n<p>Cybersecurity researchers have discovered a new version of a well-known Android malware family dubbed <strong>FakeCall<\/strong> that employs voice phishing (aka vishing) techniques to trick users into parting with their personal information.<\/p>\n<p>&#8220;FakeCall is an extremely sophisticated Vishing attack that leverages malware to take almost complete control of the mobile device, including the interception of incoming and outgoing calls,&#8221; Zimperium researcher Fernando Ortega <a href=\"https:\/\/www.zimperium.com\/blog\/mishing-in-motion-uncovering-the-evolving-functionality-of-fakecall-malware\/\" rel=\"noopener\" target=\"_blank\">said<\/a> in a report published last week.<\/p>\n<p>&#8220;Victims are tricked into calling fraudulent phone numbers controlled by the attacker and mimicking the normal user experience on the device.&#8221;<\/p>\n<p>FakeCall, also tracked under the names FakeCalls and Letscall, has been the subject of multiple analyses by <a href=\"https:\/\/thehackernews.com\/2023\/03\/fakecalls-vishing-malware-targets-south.html\" rel=\"noopener\" target=\"_blank\">Kaspersky, Check Point<\/a>, and <a href=\"https:\/\/thehackernews.com\/2023\/07\/vishing-goes-high-tech-new-letscall.html\" rel=\"noopener\" target=\"_blank\">ThreatFabric<\/a> since its emergence in April 2022. Previous attack waves have primarily targeted mobile users in South Korea.<\/p>\n<div class=\"dog_two clear\"><center class=\"cf\"><a href=\"https:\/\/thehackernews.uk\/saas-security-2024-d\" rel=\"nofollow noopener sponsored\" target=\"_blank\" title=\"Cybersecurity\"><img loading=\"lazy\" decoding=\"async\" class=\"lazyload\" alt=\"Cybersecurity\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhaYczlWCU-YfpnVT7ECpRcykfm9cWQIvgM5iOWh0zNd4VMRdzWX62iMRJLhyphenhyphentlKMqu1lNFkyp8pH1_kCPxw1DL82cKxPg47HLrJ8ToGQ9nUdKg0BG790rz9MkXXqDJ0ybmMgtxfQhsY0GSSdPQ3DwQXvxaTnVdxfsxrCuuJJZf8lPl3x296TpCt3nBdq5X\/s728-e100\/saas.png\" width=\"727\" height=\"90\"\/><\/a><\/center><\/div>\n<p>The names of the malicious package names, i.e., dropper apps, bearing the malware are listed below &#8211;<\/p>\n<ul>\n<li>com.qaz123789.serviceone<\/li>\n<li>com.sbbqcfnvd.skgkkvba<\/li>\n<li>com.securegroup.assistant<\/li>\n<li>com.seplatmsm.skfplzbh<\/li>\n<li>eugmx.xjrhry.eroreqxo<\/li>\n<li>gqcvctl.msthh.swxgkyv<\/li>\n<li>ouyudz.wqrecg.blxal<\/li>\n<li>plnfexcq.fehlwuggm.kyxvb<\/li>\n<li>xkeqoi.iochvm.vmyab<\/li>\n<\/ul>\n<p>Like other Android banking malware families that are known to abuse accessibility services APIs to seize control of the devices and perform malicious actions, FakeCall uses it to capture information displayed on the screen and grant itself additional permissions as required.<\/p>\n<p>Some of the other espionage features include capturing a wide range of information, such as SMS messages, contact lists, locations, and installed apps, taking pictures, recording a live stream from both the rear- and front-facing cameras, adding and deleting contacts, grabbing audio snippets, uploading images, and imitating a video stream of all the actions on the device using the MediaProjection API.<\/p>\n<p>The newer versions are also designed to monitor Bluetooth status and the device screen state. But what makes the malware more dangerous is that it instructs the user to set the app as the default dialer, thus giving it the ability to keep tabs on all incoming and outgoing calls.<\/p>\n<p>This not only allows FakeCall to intercept and hijack calls, but also enables it to modify a dialed number, such as those to a bank, to a rogue number under their control, and lure the victims into performing unintended actions.<\/p>\n<p>In contrast, previous variants of FakeCall were found to prompt users to call the bank from within the malicious app imitating various financial institutions under the guise of a loan offer with a lower interest rate.<\/p>\n<div class=\"dog_two clear\"><center class=\"cf\"><a href=\"https:\/\/thehackernews.uk\/cis-nov\" rel=\"nofollow noopener sponsored\" target=\"_blank\" title=\"Cybersecurity\"><img loading=\"lazy\" decoding=\"async\" class=\"lazyload\" alt=\"Cybersecurity\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiAxSbAOIwY5p0wWv5znF6Nj42k-fIocSD-CC_fgf7B4WQKPZbJCilURnF5BAgXpuwEEjcBU2BeRdKaag8fw81D37T0OJG7Arl683j5xIhSrEv-88wJKyGgPtRSH1A-5Sz6Oa97Zg8gS0UhfS1E-6PfJwRE2o2yqakqaiVyW8RXxs4Pgxi3c7MA2z3jASGT\/s728-e100\/cis-d.png\" width=\"727\" height=\"90\"\/><\/a><\/center><\/div>\n<p>&#8220;When the compromised individual attempts to contact their financial institution, the malware redirects the call to a fraudulent number controlled by the attacker,&#8221; Ortega said.<\/p>\n<p>&#8220;The malicious app will deceive the user, displaying a convincing fake UI that appears to be the legitimate Android&#8217;s call interface showing the real bank&#8217;s phone number. The victim will be unaware of the manipulation, as the malware&#8217;s fake UI will mimic the actual banking experience, allowing the attacker to extract sensitive information or gain unauthorized access to the victim&#8217;s financial accounts.&#8221;<\/p>\n<p>The emergence of novel, sophisticated mishing (aka mobile phishing) strategies highlights a counter-response to improved security defenses and the prevalent use of caller identification applications, which can flag suspicious numbers and warn users of potential spam.<\/p>\n<p>In recent months, Google has also been <a href=\"https:\/\/thehackernews.com\/2024\/10\/google-blocks-unsafe-android-app.html\" rel=\"noopener\" target=\"_blank\">experimenting<\/a> with a security initiative that automatically blocks the sideloading of potentially unsafe Android apps, counting those that request accessibility services, across Singapore, Thailand, Brazil, and India.<\/p>\n<p><\/p>\n<div class=\"cf note-b\">Found this article interesting?  Follow us on <a href=\"https:\/\/twitter.com\/thehackersnews\" rel=\"noopener\" target=\"_blank\">Twitter <i class=\"icon-font icon-twitter\">\uf099<\/i><\/a> and <a href=\"https:\/\/www.linkedin.com\/company\/thehackernews\/\" rel=\"noopener\" target=\"_blank\">LinkedIn<\/a> to read more exclusive content we post.<\/div>\n<\/div>\n<p><script async src=\"\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3711241968723425\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-format=\"fluid\"\r\n     data-ad-layout-key=\"-fb+5w+4e-db+86\"\r\n     data-ad-client=\"ca-pub-3711241968723425\"\r\n     data-ad-slot=\"7910942971\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><br \/>\n<br \/><div data-type=\"_mgwidget\" data-widget-id=\"1660802\">\r\n<\/div>\r\n<script>(function(w,q){w[q]=w[q]||[];w[q].push([\"_mgc.load\"])})(window,\"_mgq\");\r\n<\/script>\r\n<br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2024\/11\/new-fakecall-malware-variant-hijacks.html\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\ue802Nov 04, 2024\ue804Ravie LakshmananMobile Security \/ Financial Fraud Cybersecurity researchers have discovered a new version of a well-known Android malware family dubbed FakeCall that employs voice phishing (aka vishing) techniques &hellip; <a href=\"https:\/\/hotvideos24.online\/?p=122007\" class=\"more-link\">Read More<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8630],"tags":[],"class_list":["post-122007","post","type-post","status-publish","format-standard","hentry","category-technology","entry"],"_links":{"self":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/posts\/122007","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=122007"}],"version-history":[{"count":0,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/posts\/122007\/revisions"}],"wp:attachment":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=122007"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=122007"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=122007"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}