Source: TIMES OF INDIA
What do you do if you come to know that the banking app you have been using has been hijacked by a malware? You immediately call the bank's customer support to seek help. However, a new malware reported by cybersecurity firm Symantec not just replaces the interface of the banking app but also blocks calls to the respective bank's customer support numbers.
The malware has targeted several financial institutions in Korea and Russia. Dubbed as the "Android.Fakebank.B", the malware was first discovered in 2013. "In March 2016, newer variants of the Android.Fakebank.B family arrived with call-barring functionality. The feature aims to stop customers of Russian and South Korean banks from cancelling payment cards that the malware stole,"said Symantec in its official blog post.
Customers usually contact the bank's customer support through their registered mobile numbers. The call is then routed to the respective IVR systems. "By blocking these numbers, the malware creators can stop a victim from asking their bank to cancel payment cards that the variants stole. This also gives the malware more time to steal data from the compromised device," according to Symantec.
The banks and the respective customer care numbers that might be affected by this malware are, KB Bank: 15999999, KEB Hana Bank: 15991111, NH Bank: 15442100 and 15882100, Sberbank: 80055550, SC Bank: 15881599 and 15889999, Shinhan Bank: 15448000, 15778000, and 15998000.
Symantec is urging users to pay close attention to permissions requested by the apps they download and also keep important apps, always up to date.