ANDROID owners have been warned that dangerous malware, disguised as McAfee antivirus software, could be lurking on their phones.
Cyber crooks rely heavily on the ability to masquerade as legitimate apps and software in an effort to rob victims of their data and hard-earned cash.
1
It’s a story as old as time – or technology.
Cybersecurity experts in the Fox-IT team of the NCC Group were the first to spot the McAfee copycat banking trojan in early 2021.
But hackers have since given the copycat a sophisticated look, leaving Android owners more vulnerable than ever.
A banking trojan is malicious software specifically designed to steal a victim’s financial information.
A new version of a malicious McAfee lookalike uses a combination of spoofing and legitimate app abuse to trick victims.
Mini explanation: Phishing vs Smishing vs Vishing
It can be hard to keep up with all the tech jargon these days – so we’ve broken down the definitions for you.
Identity theft: Fraudulent emails and websites designed to steal data.
smiling: Fake text messages that trick you into revealing information.
wanting: Fraudulent phone calls that trick you into revealing personal information.
According to researchers, attackers first send victims a text alert about an unauthorized payment transaction and share a phone number the victim can call.
Victims who take the bait are then convinced to download a compromised version of the McAfee Security app from the Google Play Store.
Google is generally good at singling out and removing risky apps from its platform, but a small number still slip through the cracks.
Most read in Phones & Gadgets
The app looks legitimate, but under the hood is malware that downloads various suspicious files to the device – all without the victim’s knowledge.
This malware dropper, called Brunhila, brings three forms of malware that want to take control of an Android device.
It allows hackers to take screenshots, log keystrokes, download, upload and delete files, install apps and even click and scroll around the device without even touching it.
If you think you’ve downloaded a sneaky McAfee copycat – delete it immediately.
Always check app reviews – as these can be warnings against downloading certain apps, especially if there aren’t many reviews for a supposedly popular app.
And as usual, be careful when downloading apps from app stores and unofficial routes.