Register
Promote YOUR BRAND

REPORTS

Fake e-shops on the prowl for banking credentials using android malware

April 8, 2022

ESET researchers analyzed three malicious applications targeting customers of eight Malaysian banks

The popularity of online shopping has been growing during the past few years, a trend accelerated by the pandemic. To make this already convenient way of never having to leave the couch to buy new things even more convenient, people are increasingly using their smartphones instead of computers to shop: in Q1 2021, smartphones accounted for 69% of all retail website visits worldwide, and smartphone purchases made up 57% of online shopping orders. A noteworthy aspect of buying goods and services via a mobile device is that 53% of smartphone users do it from vendor-specific applications.

Seeking the opportunity to make a profit off this behavior, cybercriminals exploit it by tricking eager shoppers into downloading malicious applications. In an ongoing campaign targeting the customers of eight Malaysian banks, threat actors are trying to steal banking credentials by using fake websites that pose as legitimate services, sometimes outright copying the original. These websites use similar domain names to the services they are impersonating the better to attract unsuspecting victims.

CAMPAIGN OVERVIEW

This campaign was first identified at the end of 2021, with the attackers impersonating the legitimate cleaning service Maid4u. Distributed through Facebook ads, the campaign tempts potential victims to download Android malware from a malicious website. It is still ongoing as of the publication of this blogpost, with even more distribution domains registered after its discovery. In January 2022, MalwareHunterTeam shared three more malicious websites and Android trojans attributed to this campaign.

On top of that, ESET researchers found four more fake websites. All seven websites impersonated services that are only available in Malaysia: six of them, Grabmaid, Maria’s Cleaning, Maid4u, YourMaid, Maideasy and MaidACall, offer cleaning services, and the seventh is a pet store named PetsMore…

Download report
SHARE:
Price: FREE
DOWNLOAD

About the Provider

ESET
ESET began life as a pioneer of antivirus protection, creating award-winning threat detection software. Now, ESET’s goal is to make sure that everybody can enjoy the breathtaking opportunities that technology offers. Today, our security solutions allow businesses and consumers in more than 200 countries and territories to make the most of the digital world.

TOPICS

Cybercrime, Cybersecurity, Malware, Online shopping, vulnerabilities

MySecurity MarketPlace, powered by MySecurity Media is a dedicated marketplace connecting industry and enterprise professionals to the latest events, education, technology and media platforms across a global security domain

LATEST EVENT LISTED

cubesatplus2024-700_480
CubeSatPlus2024
2nd-Australian-Space-Cyber-Forum
2nd Australian Space Cyber Forum
CloudX 2024
CloudX 2024

CONNECT WITH US

Twitter Facebook-f Linkedin-in Instagram Youtube Podcast Android Apple

CONTACT US

© My Security Media. All Right Reserved 2019.

Privacy Policy | Terms & Conditions | Competition T&Cs