The resurgence of an Android banking trojan, dubbed Faketoken, is draining victim’s banking accounts to fuel offensive mass text campaigns targeting mobile devices from all over the world. Besides using fake logins and phishing overlay screens to steal credentials and exfiltrate mTAN numbers used by banks to validate online transactions, the malware can also generate customized phishing pages targeting over 2,200 financial apps, and can steal device information such as the IMEI and IMSI numbers, the phone number and more.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
