A new variant of the Android malware called FakeCall, is utilizing voice phishing (vishing) tactics to trick users into revealing sensitive information.
The malware, as analyzed by Zimperium researcher Fernando Ortega, mimics legitimate banking interactions on mobile devices, allowing attackers to intercept calls and collect personal data.
FakeCall takes control over Android devices by requesting accessibility permissions, capturing messages, contacts, locations, and even taking photos and recordings via front and rear cameras.
It poses as a legitimate app, often encouraging users to set it as the default dialer, giving it unrestricted access to incoming and outgoing calls. Ortega notes, “FakeCall deceives users by imitating the Android call interface, presenting attackers’ numbers as authentic bank contacts.”
Also read: Most Targeted Sectors by Cybercriminals — Microsoft Digital Defense Report 2024
Researchers from Kaspersky, Check Point, and ThreatFabric have observed this malware primarily targeting mobile users in South Korea since its emergence in 2022.
Among its dangerous features, FakeCall can redirect calls meant for banks to attacker-controlled numbers, prompting users to unknowingly share financial information.
To combat such advanced threats, Google has started testing a security measure that blocks sideloading apps requesting accessibility permissions in countries like Singapore, Thailand, Brazil, and India.
Source: The Hacker News
About Author
