A new Android malware known as ‘FluHorse’ has been uncovered, which targets users in Eastern Asia with fake applications that seem like legitimate versions. Check Point Research uncovered the malware, which has been targeting various regions of Eastern Asia since May 2022.
The FluHorse malware is delivered via email, and its purpose is to steal the target’s account credentials and credit card details, as well as two-factor authentication (2FA) codes if necessary. Malicious emails are sent to high-profile targets, encouraging them to take fast action to remedy a payment issue.
Typically, the victim is directed to a phishing site via a link in the email, from which they download the bogus program APK (Android package file). The FluHorse carrier apps resemble ‘ETC,’ a Taiwanese toll-collection software, and ‘VPBank Neo,’ a Vietnamese banking app. On Google Play, both authorized versions of these apps have over a million downloads.
Check Point also discovered malware masquerading as transit software used by 100,000 people, although the name of the virus was not provided in the study.
Upon installation, all three bogus apps request SMS access in order to intercept incoming 2FA codes in case they are required to hijack the accounts.
According to the analysts, the fake app
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: