This story is from May 12, 2021

Mobile users, beware of this fake Google Chrome app

A new Android malware has been found to impersonate the Google Chrome app and has infected hundreds of thousands of devices already, according to the researchers at cybersecurity firm Pradeo.
Mobile users, beware of this fake Google Chrome app
A new Android malware has been found to impersonate the Google Chrome app and has infected hundreds of thousands of devices already, according to the researchers at cybersecurity firm Pradeo. The researchers have qualified the threat as a “Smishing Trojan”.
As per the researchers, the fake Google Chrome app is a part of a mobile attack campaign that uses phishing to steal your credit card details by installing the fake app and makes your device a part of the attack campaign too.
“The malware uses victims’ devices as a vector to send thousands of phishing SMS. We evaluate that the speed at which it is spreading has enabled it to already target hundreds of thousands of people in the last weeks.”, said the researchers in their ‘Security Alert’ post on their website.
How the fake Chrome app gets into your phone
The victim gets an SMS asking him/her to pay custom fees to release a package delivery. Upon opening the link, they are asked to update their Chrome app, the alleged update being the Trojan impersonating as Google Chrome app. Then they are required to pay a small amount of about one or two dollars at the most through their credit cards. When they do so, the credit card details are hacked by a cybercriminal at the other end, which they can use to commit banking frauds.
Read More:

How your phone becomes a malware ‘super-spreader’
It doesn’t stop there. Once the fake Chrome app gets installed into the victim’s phone, it sends “more than 2000 SMS per week from its victims’ devices, every day during 2 or 3 hours, to random phone numbers that seem to follow one another.” That is how the mobile attack campaign is being orchestrated. The researchers say that the fake app has the official Chrome app’s icon and name, “but its package, signature and version have nothing in common with the official app.” To make things worse, even when “most antivirus” are able to flag the malicious application, the fake Chrome app could be “repackaged with a new signature” to go past the phone’s defences. As of now, researchers have found two such fake Chrome apps.

What you can do to prevent yourself
The researchers have advised mobile users to never provide their credit card details when an unknown sender asks for it. Also, they have asked phone users to download and update all their apps from official Google Play Store and Apple App Store only.
author
About the Author
Gadgets Now Bureau

As Team Gadgets Now, we cover everything tech -- Gadgets, how-tos, business of tech, enterprise tech, tech careers and more... Our endeavour is to be on the top of the tech news from all corners of the world.

End of Article
FOLLOW US ON SOCIAL MEDIA