Selfie Stealing Android Trojan Discovered By McAfee Labs

A variant of the Acecard trojan malware which tricks gullible Android users into posing for a selfie while handing over other personal inflation has been discovered by McAfee Labs,

The cyber security firm noted the trojan hides behind legitimate looking apps, such as video codecs and adult video apps, which it uses to get a user to grant it the permissions needed within the Android mobile operating system to execute malicious code.

Once the app is activated, the trojan’s code is executed whereby the app icon is hidden from the user and it constantly asks for device administrator privileges to make its removal difficult.

Selfie stealing

Once the trojan is up and running, its malware payload constantly runs in the background, monitoring a user’s activity within specific apps waiting for them to be requested to put in credit card details.

When it detects this is happening, it puts an overlay on top of a legitimate app asking for credit card details, which once it receives it goes on to ask for more validating information, such as security numbers, mailing address, age, and birthday. This cumulates with the malware asking for a photo of the front and back of an ID card and then a selfie of the user with the ID in hand.

This combination of social engineering and malware means a hoodwinked user effectively gives away a whole suite of personal information commonly used with security and authentication processes in online and mobile banking and payments.

“If you entered in everything you were asked for, the cybercriminals controlling this malware would now have all the information they needed to gain access to your online accounts,” said Bruce Snell, cybersecurity and privacy director at Intel Security, the owner of McAfee.

“While it’s not the first time we’ve seen malware that asks for a picture, this is the first time we’ve seen this in mobile malware.  Cybercriminals have definitely turned their sights on the mobile platform.”

The variant of the Acecard trojan has only been affecting people in Singapore and Hong Kong so far, but with the rapid spread of Android malware, it is best for people in other nations to be aware of the threat they could face,

WHITEPAPER: Mobile Security and Risk Review

The options to combat such trojans and malware is to avoid dodgy apps and software, apply a healthy degree of scepticism with handing over too much information online or via a mobile app and service, and to make use of up-to-date mobile security software.

These kinds of trojan attacks are not likely to disappear any time soon given they can earn cyber criminals a serious amount of money.

Quiz: What do you know about cybersecurity in 2016?

Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.

Recent Posts

More Layoffs For iRobot Staff After Abandoned Amazon Deal

After axing 31 percent of its workforce when it failed to be acquired by Amazon,…

8 hours ago

Mozilla Foundation Confirms Layoffs, Eliminates Advocacy Division

Mozilla Foundation axes 30 percent of its staff, and is eliminating its Advocacy Division that…

10 hours ago

Google To Make MFA Mandatory Next Year

Improving security. Mandatory multi-factor authentication (MFA) is coming to the Google Cloud by the end…

11 hours ago

UK Government Launch AI Safety Platform For Businesses

New AI assurance platform from UK government will help businesses ensure they can safely develop…

12 hours ago

Australia Plans Social Media Ban For Children Under 16

Protecting kids? Australian government confirms plan to implement restriction on social media for children under…

13 hours ago

Canada Orders Shutdown Of TikTok’s Canadian Business

Canada ordered China's TikTok business in the country to be dissolved over national security risks,…

15 hours ago