There’s a criminal software out there that was first discovered in 2013 and has since been upgraded to include something really scary. Called Android Fakebank, once it gets into your device, it will trick you into replacing your bank app and once it successfully does that, the attacker will basically have access to your funds. But now Symantec tell us that the malware now has the ability to stop outgoing calls to your bank customer service. As you no longer are able to reach your bank customer support service even if you are suspicious, it will give the bad guy more time to do whatever they will before your bank finally realises. Here’s a bit of what the guys at Symantec said about it;
Once installed, the new Android.Fakebank.B variants register a BroadcastReceiver component that gets triggered every time the user tries to make an outgoing call. If the dialed number belongs to any of the customer service call centers of the target banks, the malware programmatically cancels the call from being placed.
Figure. Code responsible for programmatically canceling outgoing calls to South Korean banks
We have observed the variants targeting financial institutions in Russia and South Korea. The following are some of the customer care numbers that the variants are blocking:
- KB Bank: 15999999
- KEB Hana Bank: 15991111
- NH Bank: 15442100 and 15882100
- Sberbank: 80055550
- SC Bank: 15881599 and 15889999
- Shinhan Bank: 15448000, 15778000, and 15998000
This won’t be the first time that we will be hearing of malwares of this nature. Just this past May, I told you about a tech support scam that’s out there and it comes by simply clicking on a link such as a phony advert on the web that now locks you out of your computer and further requests you to pay online for you to gain access into your computer once again.
While your bank may not be on the list, who is to say you won’t fall victim? That’s because these threats evolve everyday and who knows what the scale by which it will expand. The safest way is to report any suspicious activities to your banks and like I said in that article, avoid clicking adverts on websites that you don’t trust.