![]() These are usually distributed via third-party app stores. This C&C server also receives the credit card information stolen from the user in the previous steps.Ĭybercriminals frequently take advantage of popular and hotly anticipated titles to push their own malicious apps. This allowed an attacker to lock the user out of their own device. The app also allowed a remote attacker to reset the device’s PIN this was done via commands issued by a command-and-control (C&C) server. As is the norm, it asks for various permissions:įigure 6. In this post we’ll discuss the behavior of a new credit card stealing variant named “Fobus” (detected as ANDROIDOS_FOBUS.OPSF).įobus was distributed via third-party app stores. In the same time frame, we saw 34 fake apps explicitly named “Super Mario Run”-it’s a noteworthy trend, as we saw the first of these only in December 2016. This is not the first time that the name of a popular game was abused we’ve discussed how the popularity of Pokémon Go was similarly abused.īased on feedback from the Smart Protection Network™, we saw more than 400 of these apps in the first three months in 2017 alone. Mobile games have always proven to be attractive lures for cybercriminals to get users to download their malicious apps and potentially unwanted apps (PUAs). Super Mario Run is a mobile game that Nintendo first released on the iOS platform in September 2016, followed by the Android version on March 23, 2017. We highly recommend that enterprises adopt passwordless authentication for critical services.Trend Micro has identified more malicious Android apps abusing the name of the popular mobile game Super Mario Run. We earlier reported about how fake apps were using the app’s popularity to spread attackers have now released versions of these fake apps that steal the user’s credit card information.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |