Leveraging counterfeit apps to trick users and deploy malware on the targeted devices is a common attack vector for malware authors. Security experts Cyble recently uncovered a malicious Android application targeting the popular Brazilian banking company Itaú Unibanco. The fake Android app reportedly used a similar icon and name of Itaú Unibanco bank to trick users into downloading it, thinking it was legitimate. The researchers found that the threat actor created a fake Google Play Store page and hosted the malware – sincronizador.apk that targets Itaú Unibanco customers. The app allegedly has over 1,895,897 downloads.
In addition to malware infection, the attackers could also cause damage to users via various cybercriminal activities such as identity thefts, fraudulent financial transactions, etc.
Once the user installs the fake application, the website automatically downloads a malicious application with sincronizador.apk from the URL: hxxps://acesso.sincronizadorltoken[.]com/playstore_downloadS34/sincronizador.apk. Whenever the user opens the application, it prompts the user to enable the AccessibilityService and allow permissions to perform other actions such as Observe actions, Retrieve window content, and Perform gestures.
Also Read: How to Spot Malicious or Fake Apps
“Threat Actors constantly adapt their methods to avoid detection and find new ways to target users through increasingly sophisticated techniques. Such malicious applications often masquerade as legitimate applications to trick users into installing them. Users should install applications only after verifying their authenticity and install them exclusively from the official Google Play Store and other trusted portals to avoid such attacks,” the researchers said.
The researchers also recommended security measures to prevent malware infections from fake mobile applications. These are:
Even with multiple security checks and scans in place, several counterfeit and malicious apps remain undetected and make their way to the Play Store. Here are a few security tips to spot fake and malicious mobile applications:
Read our detailed report here…
The post New Malware Discovered With Brazil’s Itaú Unibanco Bank App appeared first on CISO MAG | Cyber Security Magazine.
Click to Open Code Editor