Beware of Trojan attack! This new FakeCalls malware can hijack bank phone calls
A new Android malware can mislead you by impersonating banking apps and stealing your money.
A newly found Android malware has been found rerouting banking phone calls to cybercriminals who approach their victims in the guise of customer support execs. The malware, dubbed FakeCalls, has been attacking users in South Korea. It mimics the interfaces of local Korean banks, and acts as a spyware tool capable of copying files and recording calls from the infected phone. Kaspersky researchers have spotted that the FakeCalls imitate phone conversations made to a bank's customer support and connect it to the cybercriminals, who obtain bank details by posing as the bank's customer support representatives.
As per the report shared by Kaspersky, the trojan has been seen targeting users in South Korea, especially customers of popular banks like KakaoBank or Kookmin Bank (KB). FakeCalls asks for several permissions at the time of installation and gets access to the contact list, microphone, camera, and more.
How does the scam work?
“If the victim calls the bank's hotline, the Trojan discreetly breaks the connection and opens its own fake call screen instead of the regular calling app,” the report reads.
FakeCalls even displays real-life hotline numbers to banks within the Trojanised app, however, if numbers are called, the malware redirects the call to the cybercriminals.
First of all, the Fakecall app is disguised as an authentic banking app. On downloading, it asks for a variety of permissions, such as access to contacts, microphone, camera, geolocation and call handling. Once you allow the access, the Trojan drops incoming calls and deletes them from the device's history. The Fakecalls Trojan even controls incoming calls and spoof outgoing calls. And when cybercriminals try to contact the victim, the Trojan displays its own call screen over the phone's, misleading users to see the phone number of the bank's support service.
The trojan not only mimics the mobile apps of well-known South Korean banks but they even insert the real bank logos and display the real support numbers of the banks as displayed on the main page of their official websites.