Buzz
1. Mobile Apps You Should Immediately Uninstall
Cybersecurity firm ThreatFainst has identified numerous apps containing malicious code on the CH Play store. These apps can potentially steal users' banking information.
According to ThreatFainst's research, these malicious codes have been present since June and are classified as 'trojan droppers'. Therefore, the CH Play virus scanning system has been unable to detect them.
Many apps harbor existing malicious code on CH Play
These malicious codes disguise themselves as various types of software such as QR code scanners, PDF readers, or cryptocurrency wallets. It is estimated that over 300,000 devices have been affected by these malicious codes.
According to cybersecurity experts, these malicious codes can steal banking passwords or victims' authentication codes. They can even record actions from the virtual keyboard and silently capture screenshots of users' devices.
Below is a list of some apps containing malicious code that users should uninstall immediately upon detection on their devices:
Two Factor Authenticator (package name com.flowdivision)
Protection Guard (com.protectionguard.app)
QR CreatorScanner (com.ready.qrscanner.mix)
Master Scanner Live (com.multifuction.combine.qr)
Cutting-Edge QR Scanner 2021 (com.qr.code.generate)
QR Scanner Plus (com.qr.barqr.scangen)
Advanced PDF Document Scanner - Scan to PDF (com.xaviermuches.docscannerpro2)
High-Quality PDF Document Scanner (com.docscanverifier.mobile)
Free PDF Document Scanner (com.doscanner.mobile)
CryptoTracker: Your Ultimate Crypto Companion (cryptolistapp.app.com.cryptotracker)
FitPro: Your Personal Gym Buddy (com.gym.trainer.jeux)
ScanMaster Deluxe (leaf.leave.exchang)
ProFit: Your Ultimate Fitness Companion (gesture.enlist.say)
SmartPDF: AI-Powered Text Recognition (com.uykxx.noazg)
QR Genie: The Ultimate QR Creator and Scanner (com.cinnamon.equal)
QR Master: The Ultimate QR Creator and Scanner (com.tag.right)
Recently, security companies have discovered numerous malware on the Android platform. Previously, the cybersecurity software company Avast issued a warning about a scam campaign called UltimaSMS.
This campaign includes 151 fraudulent apps targeting Android smartphones. These apps disguise themselves as common software such as photo editors, camera filters, games, QR code scanners... These apps will automatically subscribe users to premium SMS services with exorbitant fees.
2. Scams, bank account theft
Scamming via social media platforms Facebook, Zalo
Many people fall victim to impersonation and fraud on social media
Facebook and Zalo users can be deceived into transferring money through the following method. First, scammers will create a Facebook or Zalo account using your information and profile picture, then they will friend your relatives and friends to deceive them and borrow money.
Many people have become victims of them because they trust matching personal information and images.
Impersonating bank employees to scam
Scammers will employ various methods to impersonate bank employees for fraud, such as:
First, they will approach, interact, invite customers to provide personal information (ID card number, passport, household registration) to support loan applications/ process loan files/ introduce attractive loan packages or deposits.
To gain trust, they also forge documents with the bank leader's signature to prove that customers have been disbursed the loan amount/ eligible for bank incentives and request an upfront payment/fee with a commitment to refund when disbursed/ receive incentives.
After receiving the money, they will block all communication with the customer to seize assets.
Secondly, the perpetrators will approach, advise, request customers to provide documents to support loan applications. Then, they will report that the documents are not eligible due to bad debts and request upfront payment due to bad debts.
After receiving the money, they will block all communication to seize assets
Thirdly, bad actors approach, invite, assist customers in withdrawing cash from credit cards, request customers to provide card information, and inform customers that they will receive a contract code sent to their phone number.
In reality, this is the OTP code for credit card deduction transactions. And when providing this OTP code to fraudsters, they will seize money through online shopping payment transactions, e-wallets, etc.
Impersonating bank messages to scam
Fake bank messages lure customers into accessing links to scam money
Scammers send messages impersonating banks containing fake links with messages about system upgrades/ winning prizes/ account verification being used abroad/ logging in from unusual locations/ temporarily suspending services,... requiring customers to access fake websites/links and follow the instructions. If customers access the link and provide information, scammers will steal money from their accounts.
This article has informed you about mobile apps containing malicious code that need to be removed and fraudulent banking practices to avoid. Don't forget to share this useful information with your relatives and friends.
