A variant of FakeCall ‘malware’ has expanded its capabilities to not only deceive the victim with fraudulent calls, but also intercept their own calls to redirect them to numbers controlled by cybercriminals in order to steal their sensitive data.
Researchers at security firm Zimperium have noticed a variant of Android malware known as FakeCall, designed to trick victims through fraudulent calls.
FakeCall is a threat that is mainly distributed through ‘phishing’, that is, emails that pretend to come from a legitimate sender, tricking the victim into downloading a file.
Once it is on the Android phone, it installs a malicious payload to connect to a command and control server managed by cybercriminals.
In this way, They manage to take control of the device, making it easier to carry out actions on it. In the case of the variant analyzed, it can camouflage the number of a fraudulent call and intercept the calls you receive or does the user to redirect him to a fraudulent number, as reported on their official blog.
In both cases, the goal is to trick him into Give personal and sensitive data, such as the card or bank account number or access credentials to certain digital services.
Zimperium’s investigation has identified 13 apps and two dex files associated with the FakeCall campaign.
#Android #FakeCall #virus #careful #control #mobile #phone #leave #account