05-01-2018 My Mobile
The Android Trojan, Android.Fakeapp has now entered the Uber dynasty to steal the user’s genuine identity by displaying advertisements on the UI
The US based global cybersecurity software and services firm Symantec has now claimed that a new Android malware is now troubling the Uber customers with a spurious account of the company’s app so that it can obtain their passwords and users without any trouble.
The forgery is the version of Android.Fakeapp, an Android Trojan by which cyber attackers have been stealing user’s information by displaying advertisements since 2012. The Android.Fakeapp is a Trojan horse for Android devices that downloads configuration files to display advertisements and collects information from the compromised device.
This malware has an illegal Uber app UI, which displays on the screen of the user’s device at regular intervals unless the customers are fooled to enter their password, ID and the registered cell number. Once the button is clicked after providing all the information, the virus then sends the user ID and password to its remote server.
A Symantec researcher said, “This is where creators of this Fakeapp variant got creative. To show the said screen, the malware uses the deep link URI of the legitimate app that starts the app’s Ride Request activity, with the current location of the victim preloaded as the pickup point.”
“Deep links are URLs that take users directly to specific content in an app. Deep linking in Android is a way to identify a specific piece of content or functionality inside an app. It is much like a web URL, but for applications.”
In order to avert suspicion or any kind of warning to the user, the Fakeap shows the exact app on the screen that appropriately shows the user’s current location. This is what exactly done in the actual app.
Dinesh Venkatesan, principal threat analysis engineer at Symantec, said “This case again demonstrates malware authors’ never-ending quest for finding new social engineering techniques to trick and steal from unwitting users.”