...
...
Next Story

Another malware in play, targets bank customers: Microsoft

Next time you receive a text message alerting you that reward points, accumulated on your credit card

Updated on: Sep 26, 2022 01:18 PM IST
By , Mumbai
Prefer HTon Google
Advertisement

Next time you receive a text message alerting you that your reward points, accumulated on your credit card transactions, are about to expire and should be immediately redeemed, don’t click the link until you are sure of the sender’s authenticity.

Image for representation (Getty Images/iStockphoto)
Image for representation (Getty Images/iStockphoto)

Microsoft’s research unit has revealed that hackers are slipping a potent malware into the cell phones of numerous bank customers, which can capture the incoming text messages, thus effectively rendering the multi-factor authentication useless. Ironically, this is the same malware that had targeted State Bank of India and Axis Bank customers in 2021.

“Masquerading as a banking rewards app, this new version has additional remote access trojan capabilities, is more obfuscated, and is currently being used to target customers of Indian banks. The SMS campaign sends out a message containing a link that points to the info-stealing Android malware,” a report by Microsoft 365 Defender Research Team said.

The message sent by the malware designers contains a link, and on opening it, a fake app in the name of the bank is installed on the user’s phone. Then it asks for a variety of access permissions and in the next stage, a “log in” page opens, requiring the net banking credentials and the CVV numbers of credit card. When the bank sends a one time password to the victim’s phone to enable a transaction, it is captured by the malware and relayed to the hackers.

Worryingly, Microsoft’s analysis has found that the malware is also capable of accessing the phone’s call logs and contacts list as well as modifying its audio settings.

Additional director general Madhukar Pandey, Maharashtra Cyber, said, “Cyber criminals are luring the people into clicking the link that installs a dangerous malware which can lead to financial loss, data theft, and identity theft. The simple trick to prevent this is to never click any SMS or WhatsApp link from an unknown source.”

The research findings, compiled by Shivang Desai, Abhishek Pustakala and Harshita Tripathi, were made public earlier this week.

 
Catch every big hit, every wicket with Crickit, a one stop destination for Live Scores, Match Stats, Infographics & much more. Explore now!

Stay updated with all the Breaking News and Latest News from Mumbai. Click here for comprehensive coverage of top Cities including Bengaluru, Delhi, Hyderabad, and more across India along with Stay informed on the latest happenings in World News.
Catch every big hit, every wicket with Crickit, a one stop destination for Live Scores, Match Stats, Infographics & much more. Explore now!

Stay updated with all the Breaking News and Latest News from Mumbai. Click here for comprehensive coverage of top Cities including Bengaluru, Delhi, Hyderabad, and more across India along with Stay informed on the latest happenings in World News.
SHARE THIS ARTICLE ON
Hindustantimes wants to start sending you push notifications. Click allow to subscribe