As per the official PSA, MyCERT had recently issued a security advisory about certain Android apps containing malware that are able to not only view a person’s SMSes but also obtain their TAC numbers that are normally used to conduct any banking transactions. To that end, Maybank also provided a link to the MyCERT advisory portal to show which apps have been flagged as malware-riddled but as of this publication, we are unable to access the site. An issue, we’re guessing is most likely due to people just flooding the site, presumably since Maybank’s reminder went up. Having said that, a quick Google search shows that one of the malware-laced apps that have recently been gaining activity is something known as the “SMSSpy” campaign. The methods and tactics being used are nothing new: the actors will inquire whether or not the victim is interested in earning some “easy cash”. From there, they tell the victim that all they need to do is to follow simple instructions, but also to provide their bank account details, so that they can “remit” their earnings to them, upon completion of a job that never existed in the first place. By then, the malware would have done its job. This isn’t the first time the topic of malware and fraudulent apps has arisen either. Back in April, we reported on malware found by the Slovakia-based cyber security firm, ESET Research, who said that the apps had been targeting the customers of eight Malaysian banks. Several of these apps were found to be impersonating cleaning services, including Grabmaid, maria’s Cleaning, and Maid4u, among others. The campaign was quite, in a word, sophisticated, and would actually direct users to download the malware from Google Play, although any attempts to install the apps would redirect users to servers belonging to the scammers, where they then proceed to ask for financial details. One dead giveaway to instinctive individuals would be that, upon installing the apps, there were no actual forms of validation; a security requirement that is usually hosted by all banks and financial institutions these days. Once they submit their banking details, they’ll receive an error message regarding their transaction. However, at this point, the bad actors have already received the credentials.
— Abah (@chairman_GLC) March 30, 2022 On that note, we leave you with the same message of caution that we’ve always preached: do be careful with some of these scam sites and apps, as well as apply a very healthy dose of scepticism towards SMSes and messages sent from unknown numbers. (Source: Maybank / Facebook)