Many Android users from Singapore who are performing mobile banking transactions have fallen victims to all kinds of scammers who have been tricked to install malicious applications. WhatsApp is currently used by over 900 million people and soon, it will surpass the 1 billion milestone, so it’s an application that is targeted by many hackers. In Singapore, the hackers managed to find a way to extort money from the users who make bank transactions. When the bank was sending a SMD text message, the thief was able to intercept it and he stole the one-time password which was sent as a form of two-factor authentication. The users’ credit card numbers and other details are stolen and the hackers can make fraudulent purchases. How does this method work and how you can avoid becoming a victim, you’ll find out in this article.
The eavesdropped OTPs are sent by the malware to a command-and-control (C&C) server which is operated by the hackers. According to ABS, the malware was received on Samsung devices, and the users were tricked to install the fake system update. Not only the WhatsApp users thought that they’re installing an update, as this malware was distinguished also as an Adobe Flash Player update for Android. Sophos products identified this malware as Andr/InfoStl-AZ and Andr/InfoStl-BM and this is how it works: when you download it, it will continuously ask for Device Administrator permissions until you’ll click Accept.
When it becomes active, the malware will start displaying pop ups which will ask for bank and credit card account details, which are “needed” for the application to install the “updates”. Since you’re a WhatsApp user, the pop up will tell you to extend the annual subscription, and the message looks like this: “Add or update your billing information to extend your WhatsApp subscriptions (0.99$/year) automatically.” If you’ll give your credentials, the hackers will be able to make abusive purchases and pay with your credit card.
We remember you that WhatsApp will never display pop up windows requesting your credit card information, so if you feel that your device has been compromised and you have a virus on it, install an antivirus program and scan your smartphone, in order to remove any kind of malware.