Simon Denny’s Post

Insidious FakeCall Malware Now Targets Banking Apps ⚠️ A new, more menacing variant of the FakeCall Android malware has been discovered, representing a significant escalation in mobile banking threats. Researchers found this evolved strain can now hijack legitimate banking apps installed on compromised devices. Once FakeCall infiltrates a smartphone, it gains capabilities to: 🏦 Overlay fake login screens on top of banking apps  💳 Harvest credentials and two-factor authentication codes  💰 Initiate unauthorized transactions and drain accounts This potent threat highlights how mobile malware is rapidly evolving to bypass security controls and target financial applications directly. Prioritize mobile security and be wary of any suspicious app behaviors that raise red flags. Your money and digital identity are at stake. Read more here: https://lnkd.in/d6vfBXUW 

🚨 Security Alert 🚨 Hackers are increasingly using Progressive Web Apps (PWAs) to steal banking credentials from iOS and Android users. These malicious PWAs mimic legitimate banking apps and bypass traditional app store security checks, making them harder to detect. Users are tricked through fake update prompts and malicious ads, leading to compromised sensitive data. IT teams should be aware of this emerging threat and ensure users are educated on safe app practices. 🔒 #CyberSecurity #ITManagement #MobileSecurity #DataProtection https://lnkd.in/eU5vzcSM

🚨 New Cyber Threat: Hackers Steal Banking Credentials via PWA Apps. Cybercriminals are using progressive web applications (PWAs) to impersonate banking apps, targeting both iOS and Android users. They send fake messages about outdated banking apps, tricking users into downloading phishing PWAs that steal sensitive credentials. https://hubs.li/Q02MbP8j0 #MobileSecurity #CyberSecurity #BankingFraud #DataProtection #PWAThreats

Hackers are getting smarter, and they're now using Progressive Web Apps (PWAs) to target your banking credentials. These PWAs are sneaky, mimicking legit banking apps on both iOS and Android. They're bypassing security checks, exploiting your trust, and stealing your data without you even realizing it. This isn't just happening in one place; it's a global threat. From Hungary to Georgia, these cyber-criminals are relentless, using everything from fake SMS alerts to malicious ads on social media to trick you. Don't let them win. Remember, complacency is the enemy. Stay sharp, verify every app, and never let your guard down. The moment you do, they’ve already won. #Cybersecurity #Leadership #DataProtection #TechAlert #StayVigilant #CyberAwareness #ShieldsUp https://lnkd.in/g9CY-97F

Hackers steal banking creds from iOS, Android users via PWA apps   In a concerning development, cybersecurity experts have uncovered a sophisticated phishing scheme targeting mobile banking users. Hackers are exploiting Progressive Web Applications (PWAs) to create convincing replicas of banking apps, deceiving both Android and iOS users into surrendering their credentials.   This alarming trend underscores the need for heightened vigilance in digital banking security. It's a stark reminder that as technology evolves, so do the tactics of cybercriminals. Stay informed and stay secure. https://lnkd.in/ggDZiY3P #CyberSecurity #DigitalBanking #PhishingScams #MobileSecurity

🔊 A new Android banking Trojan, Antidot, emerged in May 2024, which steals credentials through overlay attacks and has various functionalities for complete device control. 📱 The Antidot Android Banking Trojan utilizes overlay attacks and keylogging to steal user credentials. 🔒 Does your mobile app have the detection and protection in place to prevent these types of malware? https://lnkd.in/gxc6N8Ks #mobileappsecurity #bankingtrojan #malware #mobile #android #appsecurity

🔐 Protect Your Bank Accounts: Threat actors are now using progressive web applications (PWAs) to impersonate banking apps and steal credentials from both Android and iOS users. These sneaky cyberthreats can empty out your bank accounts, so stay vigilant! 😱 Learn more in this article: Hackers steal banking creds from iOS, Android users via PWA apps1. Be cautious when granting permissions to mobile apps—some may have more sinister intentions! 📱💡 #CyberSecurity #StaySafe

🚨Hackers are exploiting Progressive Web Apps (PWAs) to impersonate banking apps and steal credentials from iOS and Android users. They use phishing campaigns through SMS, automated calls, and social media ads to trick victims into installing malicious PWAs. These fake apps bypass traditional app store restrictions and mimic legitimate apps, making detection difficult. 👉Apps involved: OTP Bank, TBC Bank #cyber #cybernews https://lnkd.in/gvkvyA5g

Threat actors started to use progressive web applications to impersonate banking apps and steal credentials from #Android and #iOS users. Progressive web apps (PWA) are cross-platform applications that can be installed directly from the browser and offer a native-like experience through features like push notifications, access to device hardware, and background data syncing. Using this type of apps in phishing campaigns allows evading detection, bypass app installation restrictions, and gain access to risky permissions on the device without having to serve the user a standard prompt that could raise suspicion. #cybersecurity #banking #credentials

More than 90 malicious mobile apps have been downloaded more than 5.5 million times from the Google Play store in the last few months. They spread various malware, including the Anatsa banking Trojan, researchers have found. The apps, discovered by researchers at Zscaler over the past few months, act as decoys for the malware, and include a variety of PDF and QR code readers as well as file managers, editors, and translators, Zscaler revealed in a blog post published yesterday. Anatsa (aka Teabot) is a sophisticated Trojan that first uses second-stage dropper applications that appear benign to users to deceive them into installing the payload. Once installed, it uses a range of evasive tactics to exfiltrate sensitive banking credentials and financial information from global financial applications. https://lnkd.in/eWTPMqCy