“BasBanke” is another entry in the already long list of Android malware, and it targets the financial and personal details of Brazilians.
The criminals behind it use the malware to hunt for credit and debit card numbers, other financial data, and personal data of Brazilians.
The malware has been active through malicious applications since the 2018 Brazilian elections, with more than 10,000 downloads from the Google store.
Users were tricked into downloading the malware through social media platforms such as Facebook and WhatsApp.
Later, attacks such as ‘keystroke logging’, ‘SMS interception’ and ‘screen recording’ were also observed.
The advertising campaign’s URL pointed to the legitimate Google Play Store.
“CleanDroid” is another of the malicious apps; it was advertised on Facebook along with a download link.
The application pretends to help protect the victim’s device from viruses and optimize memory space.
The Google Play Store hosts many such illegitimate Android apps that pretend to be QR readers or travel guides in order to trick the victim.
A similar malicious campaign was discovered by a leading anti-virus organization, but with a relatively lower distribution rate.
Social media played a vital role in distributing it as well.
The main aim is to harvest metadata such as IMEI, telephone numbers and device names, along with other personal data.
Once collected, this data is sent to the attackers via a C2 server.
Platforms like Netflix, YouTube and Spotify immediately stepped up their security measures after learning that banking details were being targeted.