“BasBanke” is another entry in the already long list of Android malware, and it targets the financial and personal details of Brazilians.
Through the malware, the cybercriminals are hunting for Brazilians’ credit and debit card numbers, other financial data, and personal data.
The malware has been active through malicious applications since the 2018 Brazilian elections. These were downloaded more than 10,000 times from the Google store.
Users were tricked into downloading the malware through social media platforms such as Facebook and WhatsApp.
Later on, attacks such as ‘keystroke logging’, ‘SMS interception’ and ‘screen recording’ were also observed.
The advertising campaign’s URL pointed to the legitimate Google Play Store.
“CleanDroid” is another of the malicious apps; it was advertised on Facebook along with a download link.
The application pretends to help protect the victim’s device from viruses and optimize memory space.
The Google Play Store hosts many such illegitimate Android apps, which pretend to be QR readers or travel guides while tricking the victim.
A similar malicious campaign was discovered by a leading anti-virus organization, but with a relatively lower distribution rate.
On the distribution front, social media played a vital role there too.
The main agenda is harvesting metadata such as the IMEI, telephone numbers and device names, along with other personal information.
Once collected, this data is sent back to the attackers via a C2 (command-and-control) server.
Platforms such as Netflix, YouTube and Spotify immediately stepped up their security measures after perceiving that banking details were being hunted.