Compliance Management, Privacy

Phishing campaign targets Android users in Russia

A new phishing campaign targeting Android users in Russia threatens to steal the mobile banking credentials of mobile banking users, according to post on the Symantec blog.

Instead of creating an app that disguises itself as a specific banking app, the malware, Android.Fakelogin, masquerades as a mobile game that users download. 

In speaking with, Satnam Narang, senior security response manager at Symantec, said the app searches for banking apps that may be running on the users' device, then creates an over page to disguise as that app. The mobile games that infect devices with the Android.Fakelogin malware, are not available on Google Play store, so Narang suggested that users only download apps from the official Google Play store.

The vulnerability was addressed by the most recent Android update, Marshmallow.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.