Hackers use Twitter Card vulnerability and attack users
infosec

Hackers use Twitter Card vulnerability and attack users

Twitter was found with a new vulnerability, which could allow hackers to attack its users ...
Read More
infosec

Firefox 70 brings Lockwise password manager. Get ready for a lot of hacks!

Mozilla brings Lockwise password manager to Firefox 70, which is expected to be released on October 22. Firefox ...
Read More
inet infosec

Google buys random human data for just $ 5

Google is one of the world's largest technology companies and is constantly working on new, innovative projects. It employs a ...
Read More
infosec

How dangerous and frequent is an attack on RDP-enabled computers?

How long does it take for an attack on RDP-enabled computers? In some cases, a few minutes. In most, less than 24 hours. The...
Read More
infosec

Watchbog: Attacks on servers to "keep the internet safe"

Hackers are exploiting vulnerable Jira and Exim servers to infect them with a new variant of Watchbog Linux ...
Read More
Latest Posts

A new Android Trojan misleads users through notifications

Trojan

A new Android Trojan discovered by security researchers at Google Google Play Store, uses false notices to redirect users to dangerous sites.

Doctor Web researchers have discovered many bogus applications, which were known as well-known trademarks that spread Trojan, called Android.FakeApp.174. Following disclosure to Google, the company removed these applications.

Malicious applications were not installed by many users (about 1000). However, hackers could re-publish similar apps in the Play Store and use more dangerous methods, targeting banks and spreading fake news.

As Doctor Web researchers explain, "Victims may think that the false alert is real and clicks on it, which will redirect them to a phishing site where they will be asked for the name, credentials, addresses e-mail, bank card numbers, and other confidential information. "

Trojan Android.FakeApp.174 asks its victims to allow alerts under the guise that the user is not a bot. Once the user agrees to enable alerts for "verification purposes," the device owner will receive spam, with dozens of notifications sent from Chrome using Web Push technology.

This technology makes it possible to send notifications even when the browser is closed when the site is not open in the browser and even after removing the Trojan from the system.

"These messages appear in the device notification panel and may be mistaken for system messages. They may look like social media alerts, dating sites, news agencies and other well-known services, "according to Doctor Web.

Fraudsters use these camouflaged alerts to redirect users to dangerous websites where they can fool them to give them their login credentials or even more personal information such as credit card numbers.

His researchers Doctor Web they advise users to be alert about the notifications they receive and not to register with their information if their site is unknown or seems suspicious.

Share
Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *