The malware looks like an app using advanced security verification method. During the process, the malware executes a code in the background that asks users for payment and personal information for ‘verification purposes’.
Initially, the malware asks for credit card information and after verifying, it asks for more information including the card’s 4-digit number printed on its back. It then asks for personal details like age, birthday and mailing address. After this step, the malware asks for a picture of the user holding ID card. Once all the correct information is obtained, the cyber criminals access the user’s online accounts.
McAfee researchers revealed that the trojan is masked as an Android video plugin so it can obtain access to the various device permissions that are required for the execution of the malicious code.
For now, only users form Hong Kong and Singapore are targeted.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now