Fake black screen used by Android attackers to dupe victims and steal their banking info

3comments
Fake black screen used by Android attackers to dupe victims and steal their banking info
Hackers are using a brilliant new trick to fool victims into thinking that their phones are turned off when in reality they are under attack by bad guys who are stealing bank account information and more. What is happening is that the bad guys are remotely turning the victim's screen black to make it seem that the phone is off so that the user doesn't see what is taking place below the surface.

To achieve this illusion, the hackers are able to remotely set the screen's brightness level to zero, and by disabling notifications, there are no interruptions that will end the illusion. The malware employed, called Octo, is being used on affected phones under the cover of darkness allowing the attackers to do whatever they want with the victim's handset before they can even notice that something bad is taking place on their handset.

According to online fraud detectors ThreatFabric (via The New York Post), the bad guys can tap, write, copy, and modify what they see just as though they were holding your phone in their hands. This malware can even allow the hackers to review your own QWERTY taps allowing them to figure out your PIN numbers and passwords.

ThreatFabric discovered five different bad actors behind Octo. This past February, one campaign used an app called Fast Cleaner that was supposed to rid your phone of unused apps, cool down the CPU, and more. The only cleaning out that was done was victims' bank accounts by the bad actors as the app was installed over 50,000 times.

Another campaign focused on 70 Hungarian banking apps while another attacked customers using a small number of banking apps belonging to financial organizations from Germany and Austria. Another Play Store app called Pocket Screencaster was supposed to allow the user to record the screen on his phone. The app, which could be installed only in the U.K., Poland, Spain, and Portugal, was in reality part of an attacker's malware campaign. The same attacker also got victims to tap on a fake Google Chrome update in order to gain access to the victim's banking information.

To avoid having your banking account hacked into, install apps only from developers you trust. And always check the Comments section in the Play Store for red flags.

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless