Selfie Stealing Android Trojan Discovered By McAfee Labs

A variant of the Acecard trojan malware which tricks gullible Android users into posing for a selfie while handing over other personal inflation has been discovered by McAfee Labs,

The cyber security firm noted the trojan hides behind legitimate looking apps, such as video codecs and adult video apps, which it uses to get a user to grant it the permissions needed within the Android mobile operating system to execute malicious code.

Once the app is activated, the trojan’s code is executed whereby the app icon is hidden from the user and it constantly asks for device administrator privileges to make its removal difficult.

Selfie stealing

Once the trojan is up and running, its malware payload constantly runs in the background, monitoring a user’s activity within specific apps waiting for them to be requested to put in credit card details.

When it detects this is happening, it puts an overlay on top of a legitimate app asking for credit card details, which once it receives it goes on to ask for more validating information, such as security numbers, mailing address, age, and birthday. This cumulates with the malware asking for a photo of the front and back of an ID card and then a selfie of the user with the ID in hand.

This combination of social engineering and malware means a hoodwinked user effectively gives away a whole suite of personal information commonly used with security and authentication processes in online and mobile banking and payments.

“If you entered in everything you were asked for, the cybercriminals controlling this malware would now have all the information they needed to gain access to your online accounts,” said Bruce Snell, cybersecurity and privacy director at Intel Security, the owner of McAfee.

“While it’s not the first time we’ve seen malware that asks for a picture, this is the first time we’ve seen this in mobile malware.  Cybercriminals have definitely turned their sights on the mobile platform.”

The variant of the Acecard trojan has only been affecting people in Singapore and Hong Kong so far, but with the rapid spread of Android malware, it is best for people in other nations to be aware of the threat they could face,

WHITEPAPER: Mobile Security and Risk Review

The options to combat such trojans and malware is to avoid dodgy apps and software, apply a healthy degree of scepticism with handing over too much information online or via a mobile app and service, and to make use of up-to-date mobile security software.

These kinds of trojan attacks are not likely to disappear any time soon given they can earn cyber criminals a serious amount of money.

Quiz: What do you know about cybersecurity in 2016?

Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

2 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

5 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

6 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

7 hours ago