More than just a Free VPN

Malicious Android App

Malicious Android App Steals Malaysian Bank Credentials

Fake House Cleaning

A fake Android app posing as a “Cleaning Service Malaysia” is stealing online banking credentials from eight Malaysian banks. The app is promoted through fake websites and newly created social media accounts.

The malicious app displays a reservation form for a house cleaning appointment. Once the victim provides all the information asked on the reservation form, it will proceed to ask users to login from their respected banks using a fake login form that looks like the original bank form. Any card credentials entered on the fake login will be sent directly to hackers.

Things to remember:

  • Only download apps from the Google Play Store.
  • Carefully review permission requests and avoid installing apps that request more privileges than it should require for its functionality.
  • Check the website address in every form that asks you for personal or financial details to verify you interact with the real service you trust.
  • Always search for reviews / comments online about new companies or services you want to try out. other customers experiences may prevent being scammed.

Source: BleepingComputer – Malicious Android app steals Malaysian bank credentials, MFA codes