Published on November 6, 2024
Vincent Paquette
François Charron
Cybersecurity experts are sounding the alarm over malware that could affect Android phones. His name? FakeCall. It allows hackers to hijack phone calls. More precisely the calls we make to our bank or our financial institution. The goal? Steal our money.
Researchers from Zimperium, a firm specializing in mobile security, published a report concerning a new version of the FakeCall malware.
This virus has been known since 2022, but it has grown since then.
At the time, the virus sought to overlay a fake login page from our banking institution on top of their legitimate application.
In short, the goal was for us not to notice anything and to enter our connection information. Once the information was in hand, hackers could then break into our account.
But the fraud now goes much further…
How FakeCall Virus Scam Works
From what we can read in the Zimperium report, the FakeCall malware now seeks to intercept telephone conversations that we make or receive from our financial institution.
We then enter into a social engineering fraud called “vishing”. In French, we will talk about voice phishing.
Essentially, FakeCall malware spreads via phishing links. So, it can be by email, Messenger style instant messaging or via text message.
By clicking on the link, you download an APK file. An APK file is a file used to install an application on an Android phone or tablet.
This application in question will seek to become our default phone application. In summary, the application allowing us to make and receive calls.
The name FakeCall then takes on its full meaning. Its purpose is then to identify whether we dial the telephone number of our bank or whether we receive a call from this number.
When it detects that this is the case, FakeCall displays the institution’s number, but in reality it diverts the call to the fraudsters.
The fraudster will then impersonate an employee of our financial institution and ask us for personal information in order to be able to interfere with our account.
Zimperium also discovered that the latest versions of FakeCall bring several improvements and attack mechanisms.
First, FakeCall added a Bluetooth listener and screen status monitor.
The malware can also exploit Android’s accessibility service. This allows it to gain extensive control of the user interface to monitor composer activity, automatically grant itself permissions, and simulate actions such as clicks and gestures.
Finally, it is able to take remote control of the device, obtain our location, delete applications, modify our contact list and record video screenshots.
How to protect yourself from FakeCall malware?
Looking at the list of its malicious actions, we obviously don’t want to install it on our Android phone.
To do this, you need to apply these three main tips.
First, you need to know how to recognize phishing attempts. Since FakeCall is spread via these, we drastically reduce our chances of being infected if we do not click on such a link.
Next, we must remember that we must always download our applications through a safe store such as the Play Store. Of course, it’s not perfect, but it’s still safer than downloading an APK file.
Finally, to have complete peace of mind, you must have a good mobile antivirus.
An antivirus will not only help us detect phishing links, but it will also prevent the downloading of malicious files and applications. Not to mention that it will be able to remove a virus that we were able to download previously via an APK file.
Plus, it literally costs around twenty dollars a year. We would be crazy to do without it when the majority of online threats target mobile devices.
Nos suggestions d’antivirus mobile
Related News :