Tech News Desk – The use of phones has increased so fast that fraudsters keep finding ways to cheat people in different ways. These days there are also reports that virus has been found in many apps of Play Store and it has been banned. Hackers steal sensitive information of users through malware. New research has revealed that hackers are targeting users through FluHorse malicious apps, which look genuine at first sight. Users are also cheated because millions of people have already downloaded these apps.
According to a study by Check Point, these apps are designed to extract sensitive data including passwords and even two-factor authentication (2FA) codes. Two-factor authentication is a setting that is considered the most secure in terms of security. Like all malware, it can infect your system, but the scary thing is that it can be done with just one tap. However, it has been found that email is used to spread malware, especially in East Asia. In the beginning, hackers target high-profile people, who are public figures, in phishing attacks. The most worrying thing about the FluHorse virus is that it cannot be caught for several days.
How does FluHorse work?
In this, a link can be sent through email, which sends the user directly to the phishing website. The user is then asked to download the phony APK (Android package file) of the fake app. Once this is done, the FluHorse app impersonates ‘ETC’, a Taiwanese toll collection app, and ‘VPBank Neo’, a Vietnamese banking app. According to the report, all three fake apps send 2FA codes that appear after installation. SMS ask for access to intercept. This is when those codes are needed to compromise the account.
How to identify it to protect yourself?
Fake apps are similar to the real user interface, but they are limited to two to three windows, which load forms and collect the victim’s data. They are used to collect victim’s account details and credit card information to make the process appear genuine. After that, the app comes up saying ‘System is busy’ for 10 minutes. Then meanwhile, operators work in the background to intercept the 2FA code and use the stolen data. Also recently hackers have come up with another method. In this, users are being duped by using a page showing meta-approved ads loaded with malware.