Threat Database Mobile Malware FakeReward Mobile Malware

FakeReward Mobile Malware

FakeReward is classified as mobile malware targeting Android devices specifically. The threat is being deployed in attack campaigns targeting personal details and banking information of users located in India. Infosec researchers have identified at least five versions of the FakeReward threat. Details about FakeReward were released in a report by malware researchers. The cybersecurity experts were able to uncover multiple attack operations targeting Indian users, with some of other Android threats used in the attacks being AxBanker, IcSpy, etc.

FakeReward is being spread via an expansive smishing (SMS phishing) operation. The cybercriminals targeted the customers of three largest Indian banks. The harmful threat will be disguised as an application belonging to one of the three banks. During installation, the threatening application will ask for several, important permissions, mainly those related to the management of SMS. Newer FakeReward variants will mask their intentions by using more indirect approaches, such as requesting notification permissions instead.

Once fully established, FakeReward will be capable of intercepting SMS messages, effectively allowing the attackers to access any OTP (One-Time Passwords) or 2FA/MFA (Two-Factor Authentication/Multi-Factor Authentication) codes being sent to the infected device. In addition, FakeReward can display phishing windows overlaying the legitimate ones. Information entered into corrupted screens, such as full names, birthdates, phone numbers, emails, and credit/debit card details, will be scraped and sent to the attackers. With the collected data, the cybercriminals can make unauthorized online purchases or transactions, while victims will suffer severe monetary losses.


Most Viewed