Selfie Stealing Android Trojan Discovered By McAfee Labs

A variant of the Acecard trojan malware which tricks gullible Android users into posing for a selfie while handing over other personal inflation has been discovered by McAfee Labs,

The cyber security firm noted the trojan hides behind legitimate looking apps, such as video codecs and adult video apps, which it uses to get a user to grant it the permissions needed within the Android mobile operating system to execute malicious code.

Once the app is activated, the trojan’s code is executed whereby the app icon is hidden from the user and it constantly asks for device administrator privileges to make its removal difficult.

Selfie stealing

Once the trojan is up and running, its malware payload constantly runs in the background, monitoring a user’s activity within specific apps waiting for them to be requested to put in credit card details.

When it detects this is happening, it puts an overlay on top of a legitimate app asking for credit card details, which once it receives it goes on to ask for more validating information, such as security numbers, mailing address, age, and birthday. This cumulates with the malware asking for a photo of the front and back of an ID card and then a selfie of the user with the ID in hand.

This combination of social engineering and malware means a hoodwinked user effectively gives away a whole suite of personal information commonly used with security and authentication processes in online and mobile banking and payments.

“If you entered in everything you were asked for, the cybercriminals controlling this malware would now have all the information they needed to gain access to your online accounts,” said Bruce Snell, cybersecurity and privacy director at Intel Security, the owner of McAfee.

“While it’s not the first time we’ve seen malware that asks for a picture, this is the first time we’ve seen this in mobile malware.  Cybercriminals have definitely turned their sights on the mobile platform.”

The variant of the Acecard trojan has only been affecting people in Singapore and Hong Kong so far, but with the rapid spread of Android malware, it is best for people in other nations to be aware of the threat they could face,

WHITEPAPER: Mobile Security and Risk Review

The options to combat such trojans and malware is to avoid dodgy apps and software, apply a healthy degree of scepticism with handing over too much information online or via a mobile app and service, and to make use of up-to-date mobile security software.

These kinds of trojan attacks are not likely to disappear any time soon given they can earn cyber criminals a serious amount of money.

Quiz: What do you know about cybersecurity in 2016?

Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.

Recent Posts

Vodafone Germany Confirms 2,000 Job Losses, Amid European Restructuring

More downsizing at Vodafone after German operation announces 2,000 jobs will be axed, as automation…

15 hours ago

AI Poses ‘Jobs Apocalypse’, Warns Report

IPPR report warns AI could remove almost 8 million jobs in the United Kingdom, with…

16 hours ago

Europe’s Longest Hyperloop Test Track Opens

European Hyperloop Center in the Netherlands seeks to advance futuristic transport technology, despite US setbacks

17 hours ago

NHS Scotland Confirms Clinical Data Published By Ransomware Gang

NHS Dumfries and Galloway condemns ransomware gang for publishing patients clinical data after cyberattack earlier…

18 hours ago

Fewer People Using Twitter After Musk Takeover – Report

Research data suggests fewer people are using Elon Musk's X, but platform insists 250 million…

21 hours ago

Julian Assange Wins Temporary Reprieve For US Extradition Appeal

US assurances required. Julian Assange handed a slender reprieve in fight against his extradition to…

23 hours ago