Faketoken Malware Hits Android Phones

Published On April 17, 2014 | By Tom Huskerson | News and Analysis

Faketoken malware has hit Android phones in the U.S. and 55 countries. Black people understand the convenience of banking through your smartphone. But that luxury has become downright dangerous to your financial health. According KasperskyLabs.com the Faketoken malware is highly effective at stealing passwords and temporary passwords used to transfer money and pay bills  using Android mobile devices.

Kaspesky labs describes the malware as a banking trojan.  The malware places itself  between you and your bank and redirects your payments to criminals’ bank accounts. Banks fight this by  using “Two-factor authentication“, implemented via SMS. When you attempt to transfer money, you must approve the transaction by using your password, and another one-time password (OTP, mTAN) sent via text message to your smartphone. Criminals have developed a scheme in which they try to infect both your computer and smartphone to steal the password and mTAN at the same time. The scheme first came about with the Zeus/Zbot malware duo, and was highly effective. So criminals have adapted the same concept with the Android malware known as Faketoken. It too has been very efffective. According to the “IT threat evolution Q1 2014” published by Kaspersky Lab Faketoken reached #13 in the Top 20 mobile threats “hit parade”, accounting for 4.5% of all infections.

Social engineering is at the heart of this malware infection and it works like this; during an online banking session the Faketoken places a request on the infected webpage telling the user to download a fake Android app needed to complete a secure transaction. The link actually leads to Faketoken. After the malware ends up on a user’s smartphone, cybercriminals then use the computer-based Trojans to gain access to the victim’s bank account, and Faketoken allows them to harvest mTANs (one time passwords) and transfer the victim’s money to their accounts.

Breaking It Down

Are you scared yet? Black people use mobile banking more than whites. So we better know about these phony apps sent our way. Making use of this knowledge could keep you out of a lot of hassles in the future. My advice is never ever download a banking app that your bank has not explicitly approved of. When using your smartphone never ever download an attachment unless you know who its from and what it is. Most malware is delivered via email attachments. Mobile banking is a major convenience in life but not without dangers. If you see and ad, app request or pop up on your smartphone phone while you are on your bank’s website log out immediately. Scan your phone for malware, I recommend Lookout, then change your passwords. One last bit of advice, malware on your phone may be there to steal more than your money. It can steal your identity and even infect your friends phone who are in your contacts. Be aware!

Like this Article? Share it!

About The Author

Tom Huskerson Bio Born in Richmond Virginia Tom Huskerson is a military veteran who settled in California after his discharge. Tom attended Santa Barbara City College where he began his writing career as a campus reporter. He worked as an intern news reporter for the Santa Barbara News-Press writing feature stories before moving on to San Francisco. At San Francisco State University Tom studied broadcast communications and began to focus on the Internet. He completed his graduate thesis on Internet advertising. Tom was the first student to ever focus on the Internet as a graduate student at San Francisco State University. After graduation he went to work for Zona Research in California’s Silicone Valley. As a research associate Tom supported senior analyst writing on the latest developments in the Internet industry. During the dot com boom Tom worked for several web businesses as a market researcher and analyst. As a writer and researcher Tom has authored various technical works including a training program for Charles Schwab security. Other projects included professional presentations on workplace violence and hiring security contractors. Tom has also written both fiction and non-fiction works and blogging for a travel website. He has published two books of short stories and completed two novels. Tom is the owner of Scribe of Life Literature and EbonyCandle.com. Tom is not the chief editor for the OnTechStreet. com. A news and information blog that focuses on tech news for African-Americans. The blog is the result of his desire to inform the African American community of the dangers and benefits of the cyber age. In his blog Tom reports on information security, new and analysis, scams and hoaxes, legal happenings and various topics that arise from the age of information. Tom believes that technology is a necessary tool for black people and they should know what is happening. Tom writes believing that techno speak is for the professional and that valuable information can be communicated using plain language. As a result he has embraced the motto, Less Tech, More Knowledge.

Related Post

We Could All Be More More Cyber Smart!
Feds Making Money Moves
Apps Worth Mentioning : SheMatters
The Hottest Air Conditioning Scam

Comments are closed.