Billions of Android users urged to delete ‘money stealing’ apps immediately from phones as they silently drain your bank
A HACKER is using fake apps and links to lure Android users into their money-stealing scams.
The hacker would trick victims into downloading malicious Android apps that pretended to be security software.
But the Apps were intended to steal MFA codes as they would ask for SMS permissions to install them, per a report by security expert Pol Thill, Tech Radar reported.
MFA codes are used for a multi-step account login process to get into personal accounts, bank accounts, etc.
If a hacker has access to these codes they can possibly silently drain your bank.
Thill discovered and identified the hacker as “Neo_Net” who is allegedly from Mexico.
The hacker was targeting victims mostly in Spain and Chile for people with banks such as Santander, BBVA, CaixaBank, Deutsche Bank, Crédit Agricole, and ING.
Neo_Net has been targeting bank users worldwide since June 2021, per the report.
The scam was also showing up through links that would send people to landing pages which could easily be mistaken for authentic websites.
This is called a data-harvesting phishing campaign.
Both are for the intention of stealing identity data for fraud purposes.
“The phishing pages were meticulously set up using Neo_Net’s panels, PRIV8, and implemented multiple defense measures, including blocking requests from non-mobile user agents and concealing the pages from bots and network scanners,” the report said.
Neo_Net’s complex techniques allowed them to hack thousands of people.
The hacker was targeting specific people.
This allowed him to get Personally Identifiable Information (PII) from people which can result in being robbed or identify fraud.
“Despite using relatively unsophisticated tools, Neo_Net has achieved a high success rate by tailoring their infrastructure to specific targets, resulting in the theft of over 350,000 EUR from victims’ bank accounts and compromising Personally Identifiable Information (PII) of thousands of victims,” the report said.
Neo_Net is described by Thill as a “seasoned cyber-criminal” who runs malicious campaigns and sells tools for others to participate in similar hacks on the dark web, per the report.