Singaporean police have recently issued a warning about a new variant of Android malware scams. These scams involve scammers executing unauthorized transactions on victims’ i-banking apps before initiating a factory reset on the infected devices. In the first half of 2023, there have already been over 750 reported cases of victims downloading this malware onto their phones, resulting in losses of at least S$10 million (US$7.3 million).
The victims are initially lured into downloading the malware through advertisements on social media platforms like Facebook and Instagram, promoting various services such as home cleaning, pet grooming, and food purchases. Once interested, victims would contact the “sellers” via these platforms or messaging apps like WhatsApp. The scammers then trick victims into downloading an Android Package Kit (APK) file, specifically designed for Android’s operating system, using a uniform resource locator (URL) link provided by the sellers.
Once victims download and install the app, they unwittingly grant it accessibility services and are instructed to make a PayNow transfer as a deposit. Unbeknownst to victims, the malware secretly records their internet banking credentials as they enter them during the transfer. After accessing the victims’ banking accounts and carrying out unauthorized transactions, the scammers proceed to perform a factory reset on the victims’ devices.
It is only when victims contact their banks or reinstall their banking apps that they discover the fraudulent transactions. This timely advisory from the police serves as a reminder for users to exercise caution and remain vigilant while engaging with unfamiliar sellers or downloading apps from unknown sources.