New “Faketoken” Android Trojan affects taxi, ride-sharing apps: Kaspersky

There has been significant growth in the mobile app market and also the services offered by them store private financial details, including ride-sharing and taxi services apps that need the users’ bank card details. Being installed on several Android devices globally has made them an attractive target for cybercriminals—who have considerably broadened the mobile banking malware functionality.

Kaspersky Lab has said to discover a modified version of ill-famed mobile banking Trojan “Faketoken” to be resurfaced. It is capable of stealing credentials from well-known Android ride-sharing and taxi applications apps. The Moscow-based cyber-security firm said, “The Faketoken’s new version executes live tracking of applications and, when the user opens a particular app, covers it with its phishing window to pilfer the bank card information of the victim.”

The Trojan virus has a similar interface, with alike logos and color schemes, which produces an immediate and entirely invisible overlay. Security expert, Kaspersky Lab, Viktor Chebyshev, said, “The actuality that cyber-criminals have extended their actions from financial purposes to other areas, comprising ride-sharing and taxi services, needs the producers of these services to start focusing more on the security of their users’ data.”

Chebyshev added, “The banking industry is by now familiar with hoax tricks and schemes, and its prior response included the execution of security technologies in applications that considerably decreased the risk of stealing of important financial information.” As per Kaspersky Lab, Faketoken’s new version mostly targets Russian users but it considers the layout of attacks can easily be expanded in the future.

The enhanced Faketoken virus pilfers all received SMS messages by forwarding them to its control & command servers, enabling criminals to receive access to OTP passwords sent by ride-sharing and taxi services or by a bank. Among other things, the virus also monitors the calls of the users, records them, and transfers the details to the control and command servers.

Kaspersky team has also noticed that Faketoken attacks on other famous mobile apps, such as hotel booking and travel apps, Android Pay, applications for traffic fine payments, and the Google Play Market.

Hopefully, an instant solution will be produced so to tackle this unsafe virus.###