A recent report by US security company FireEye has identified a new malware which is stealing credit card information in Europe by emulating the interfaces of WhatsApp, Viber, and Google Play
According to the report, the malware which has been has been targeting users in Europe across Denmark, Italy, and Germany. It is spreading through a phising campaign over SMS.
After a user mistakenly downloads the malicious file, the malware creates fake user interfaces on the phone on top of ‘actual’ apps to ask for their credit card details. Subsequently, this information will be sent to the hacker.
Over the years malwares have multiplied rapidly raising high security concerns for not only individual users but also prominent organisations.
While earlier versions were only limited to banking apps, the revamped malware is now capable of duplicating the interface of popular apps—WhatsApp, Viber and Google Play—the individuals use on a daily basis.
The FireEye report also shed light on the fact that most customers fail to identify this gimmick and gladly enter their credit card information. The reason for targeting popular apps is directly related to their large user base.
According to several other reports, the same malware has targeted other popular apps such as YouTube, Uber, and WeChat as well.
In order to start the phising campaign, hackers sent out a link via SMS, which did wonders, as numerous victims ended up clicking it.
It has also been revealed that since February 2016, the malware has been spread through five different campaigns and in one of those ventures, hackers managed to get at least 1,30,000 clicks to the link where the malware was hosted.
The dilemmas with malwares continue to worsen as new advanced malwares are very hard to detect. According to FireEye, only a mere six out of 54 anti-virus tools were able to spot apps with the malicious malware.
In case of India, there has been a sudden rise in the number of malwares affecting financial organisations, businesses, and Government organisations. In such a threatening scenario, the country should look forward to strengthening its weak cyber-security infrastructure.
