[ad_1]
A new virus for Android phones has a devastating potential for the user. The threat to the system uses the official PayPal account application to transfer 1,000 USD (about 4,300 USD, but the currency depends on the location of the user) from the account of the owner to the coup d'etat.
The fraud, detected by the ESET cybersecurity specialist, takes advantage of Android's accessibility features and uses different methods to act effectively. The Trojan involves the Android Optimization app, downloaded off the official Google store and promising a better battery for the smartphone.
Once installed, the application suggests an accessibility service called "allow statistics", supposed to improve the performance of the phone. When the feature is enabled and PayPal is installed on the phone, the app sends a notification through the payment service by asking the user to log in to the account.
Once the user has clicked on the notification, he is redirected to the official PayPal application.
Once the connection is established, the malicious application takes control and mimics the user's contacts on the screen. a transfer of $ 1,000 from the victim's account to the hacker. The process is fully automated and works in less than five seconds, as you can see in the video below. This does not give the user the time to notice the action to stop the process.
The attack involving PayPal is not the only one to have been promoted by this malicious application. The hacker can still copy screens from applications to get the user to logically connect and thus steal the victim's identification information.
To avoid such attacks, it is recommended that you only download apps from Google Play's official Google Play Store. Even in this case, it is good to always consult the comments and evaluations. notes to see if the application is secure. The use of a security solution for smartphones is also indicated.
ESET has noticed in the official Google store five apps with features similar to the one described in this plan – all of which are aimed at Brazilian users. Apps were removed from the store by Google after the report was released.
Source link
