New malware spring up every day and are targeted to breach the personal information of their victims. The latest is fakedtoken, an Android malware that quietly steals information on apps and also spies on texts and phone calls according to a blog post from Kaspersky
The malware fakedtoken was first discovered last year and has become increasingly popular. It began as a banking trojan that intercepted texts to steal two-factor authentication codes. Kaspersky’s researchers say they suspect it spreads via bulk SMS text message to potential victims, asking them to download some pictures.
Once installed it hides its icon and places a covert overlay over several popular apps like google, banking apps. If a card detail is entered into any of the apps, they stand the risk of being frauded or their identity stolen. The malware can even intercept SMS messages, meaning it can get around the two-factor authentication required by some banks to authorise payments and transfers.The virus has spread to Russia and ex-Soviet countries.
Security experts recommend that Android smartphone users should not install apps from third-party sources or download unknown files. By default, Android phones only allow users to install apps from the official Google Play Store.