There is a new threat for Android, which is called Fakedtoken. This is a banking Trojan that was just found by Kaspersky researchers. The new Fakedtoken banking Trojan is just another reminder that you should not be entering in your personal information, such as credit card numbers, to websites and apps that look fake or shady. Read on to learn more about the new Fakedtoken banking Trojan and what it could mean for Android users.
Fakedtoken Banking Trojan Hits Android
The Fakedtoken banking Trojan was found by Kaspersky researchers, and it was shown to steal the financial information as it was entered into apps and websites. This banking Trojan also has the ability to spy on the phone calls and text of infected Android devices. The banking Trojan has been getting more sophisticated over the past year, with it at first just intercepting texts.
The interception was to get the two-factor authentication codes, but now, Fakedtoken has evolved into something more damaging. The fact that this banking Trojan has evolved in just a year shows how bad this malware could possibly be, and it means that it is likely to keep evolving in order to be hidden from Verify Apps and other security features found on Android devices.
Now, the Fakedtoken banking Trojan is able to spread through the use of bulk SMS texts. The malware will send the text to unsuspecting Android users, and then it will ask the person to download pictures. If you download these pictures, then Fakedtoken will install itself onto your Android device. The icon is hidden so you do not even know it has been downloaded, and then there is an overlay that will be placed on many different apps. This overlay happens often times on banking apps and other similar apps where you would be entering financial information. This could include Google Play Store, Android Pay, and flight or hotel booking apps.
Fakedtoken Banking Trojan Threatens To Steal Information
After your Android device has been infected and the overlay for the Fakedtoken banking Trojan is in place, the people behind Fakedtoken will have access to all of your financial information. If you use any website or app to pay anything, such as entering credit card details, those behind the malware will see those credit card numbers and other data. This means that people are at risk for things like identity theft and fraud. There is even a part of Fakedtoken that can intercept your text messages, which then means that two-factor authentication is not going to help you in this situation.
When it comes to the banking Trojan, it is largely being seen right now in Russia and other countries that were associated with the Soviet Union. There have not been thousands of attacks at this point, which means Fakedtoken could be a test of another banking Trojan that is being formed. Both the coding and the overlays appear to be in Russian, which means the hackers are trying to go after Russian countries specifically.
Even though Fakedtoken seems to be aimed more at Russia and ex-Soviet countries right now, this is still a threat to people in the United States and elsewhere. What we are seeing with this banking Trojan is that it can end up causing you severely impaired if your credit card or banking information is stolen.
This is just another reason why you should not be downloading apps from any third-party app store, and you should definitely be downloading anti-virus and anti-malware protection for your Android device. Since this particular banking Trojan is hidden and the icon is removed from your Android device, there really is no way to know whether or not you have been infected or know which apps from third-party app stores might be carrying this malware.