However, after stealing a victim’s account credentials and credit card details, the apps show a message which says that “system is busy” for 10 minutes. ![]() To appear more legitimate, all of these fake apps copy the user interfaces of their legitimate counterparts. Upon installation, all three malicious apps request SMS access on an infected Android smartphone in order to intercept incoming 2FA codes which are then used to hijack a victim’s accounts. The emails themselves use unpaid invoices as a lure and contain links to phishing sites where recipients are encouraged to download the APK file for the ETC, VPBank Neo or an unnamed transportation app used by 100,000 people. ![]() The attacks used in this campaign begin with malicious emails sent out to high-profile targets. The legitimate versions of both of these apps each have over a million installations. The FluHorse malware is currently being spread through malicious apps impersonating the Taiwanese toll app ETC and the Vietnamese banking app VPBank Neo. ![]() Woman holding phone and credit card after being hacked
0 Comments
Leave a Reply. |