Beware of Trojan attack! This new FakeCalls malware can hijack bank phone calls

tech.hindustantimes.com:

A newly found Android malware has been found rerouting banking phone calls to cybercriminals who approach their victims in the guise of customer support execs. The malware, dubbed FakeCalls, has been attacking users in South Korea. It mimics the interfaces of local Korean banks, and acts as a spyware tool capable of copying files and recording calls from the infected phone. Kaspersky researchers have spotted that the FakeCalls imitate phone conversations made to a bank’s customer support and connect it to the cybercriminals, who obtain bank details by posing as the bank’s customer support representatives.

As per the report shared by Kaspersky, the trojan has been seen targeting users in South Korea, especially customers of popular banks like KakaoBank or Kookmin Bank (KB). FakeCalls asks for several permissions at the time of installation and gets access to the contact list, microphone, camera, and more.

“If the victim calls the bank’s hotline, the Trojan discreetly breaks the connection and opens its own fake call screen instead of the regular calling app,” the report reads.

FakeCalls even displays real-life hotline numbers to banks within the Trojanised app, however, if numbers are called, the malware redirects the call to the cybercriminals.

First of all, the Fakecall app is disguised as an authentic banking app. On downloading, it asks for a variety of permissions, such as access to contacts, microphone, camera, geolocation and call handling. Once you allow the access, the Trojan drops incoming calls and deletes them from the device’s history. The Fakecalls Trojan even controls incoming calls and spoof outgoing calls. And when cybercriminals try to contact the victim, the Trojan displays its own call screen over the