Faketoken, A New Mobile Malware Phone Trojan

By ISBuzz Team
Writer, Information Security Buzz | Dec 23, 2016 06:15 am PST

Following the news that security researchers have discovered a new mobile phone Trojan targeting about 2,000 Android financial apps, which cyber criminals have translated into 77 different languages to make it an international threat, Robert Capps, VP of Business Development for NuData Security, commented below.

Robert Capps, VP of Business Development at NuData Security:

“The Faketoken Mobile Phone Trojan is yet another example of dangerous mobile malware that uses multiple techniques to compromise a user's mobile device in order to steal their credentials, and bypass the various mobile-based multi-factor authentication techniques being employed by online merchant and financial organizations. The latest version of this trojan appears to have been translated into multiple languages, broadening the potential pool of victims. Also new is the ability to encrypt a user's phone contents, in what appears to be a mobile ransomware threat. Add this to the already formidable threat of direct login credential theft from over 2000 major online services and applications, and Faketoken is a recipe for disaster.

As the use of mobile phones increases for a variety of activities in our daily lives, so too will this attack vector. Users are warned to be wary of downloading new and untrusted applications, and to carefully inspect the permissions requested by newly installed applications. When installing a new app, ask yourself: Why does this application need to have permission to my contact/location?; Is this application from a trusted source or application store?; Is this application on my company’s approved list for vendors?

Without awareness of the risks, side loading these apps from suspect sources is a surefire way to victimize yourself with malware, bots and trojans. Side loading from alternative locations circumvents the value of the respective app stores who monitor applications for signs of malicious code embedded in the app. Even then, trusted sources can miss a threat from time to time, so it’s always wise for users to be wary.

As Faketoken has such wide-ranging capabilities around credential theft, retailers and financial institutions would do well to harden their services from user credential theft, making these malware attacks less relevant, and stolen data less valuable to thieves. There are tools available to them that leverage customer behavior and interactions across the account lifecycle to develop a true understanding of the customer and offer the ability to prevent fraud as it’s happening. These technologies can’t happen soon enough to ensure malware like this becomes irrelevant.”
