The malware developers paid special attention to the protection of their malware, using several unique evasions that we had not previously seen in the wild. We discovered more than 2500 samples of the FakeCalls malware that used a variety of combinations of mimicked financial organizations and implemented anti-analysis (also called evasions) techniques. According to the report published on the South Korean government website, financial losses due to voice phishing constituted approximately 600 million USD in 2020, with the number of victims reaching as many as 170,000 people in the period from 2016 to 2020. Voice phishing attacks have a long history in the South Korean market. FakeCalls malware targeted the South Korean market and possesses the functionality of a Swiss army knife, of being able not only to conduct its primary aim but also to extract private data from the victim’s device. We encountered an Android Trojan named FakeCalls, a malware that can masquerade as one of more than 20 financial applications and imitate phone conversations with bank or financial service employees – this attack is called voice phishing. This “stay-low-aim-high” approach is what the Check Point Research team saw in our recent Android malware research. The malware does not need to be high profile, just careful selection of the audience and the right market can be enough. When malware actors want to enter the business, they can choose markets where their profit is almost guaranteed to be worth the effort – according to past results. Research by: Bohdan Melnykov, Raman Ladutska
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |