Another day, another Android malware.
In the typical life cycle of a product, we see it go through different stages. Initially, it might be just a minimum viable product (MVP); then, as features are added, it evolves into something of a fully functional product. Funnily enough, it looks like the black hat community has also been taking entrepreneurship classes.
Take the case of the Faketoken malware. It came on the scene in 2014 as an app that “intercepted text messages with one-time passwords” to assist desktop banking trojans in stealing money, and in 2016 it started doing the entire process itself as a stand-alone app. Furthermore, it also served as ransomware, extorting money from users over their encrypted data.
As if that wasn’t enough, in 2017 it upped its game considerably in mobile phishing by becoming able to “mimic” prominent financial apps such as Google Pay. Recently, we’ve come to know of yet another development.
As detected by Kaspersky’s botnet activity monitoring system, named “Botnet Attack Tracking,” 5000 smartphones infected by Faketoken suddenly started sending offensive text messages without authorization.
“SMS capability is in fact standard equipment for mobile malware apps, many of which spread through download links they send to victims’ contacts. In addition, banking Trojans often ask to become the default SMS application so they can intercept confirmation code messages. But for banking malware to turn into a mass texting tool? We had never seen that before,” wrote Alexander Eremin of Kaspersky in a blog post.
The surprising thing in this entire scenario is that, until now, we had seen trojans that access a smartphone’s text messages in order to intercept them, often as a ploy to bypass two-factor authentication. Malware using text messages for spamming, however, seems to be a first.
To make it scarier, it sends these messages to foreign phone numbers, which is expensive compared to the measly sums you’d incur with local numbers. Furthermore, to make sure the messages go through, it checks your bank account to see if it has money and then uses that money to top up your phone number’s account. So if you were out of balance, it does the honors and tops up the account itself.
Staying safe requires only a few security measures that anyone can easily implement. Firstly, you can exercise some common sense and shift to an iPhone. Rest assured, that was a joke. On a serious note, try to download apps only from the Google Play Store and avoid any third-party stores. In fact, even on the Play Store, make sure the apps you download have a decent number of reviews and come from reputable developers.
Secondly, since a lot of mobile malware is now able to intercept your text messages, try employing another form of two-factor authentication, such as receiving a code via email or even requiring biometric identification before any transaction goes through. Lastly, install a good antivirus app. Yes, those aren’t only for full-fledged machines; smartphones need them too.