A new Android Trojan discovered by security researchers at Google Google Play Store, uses false notices to redirect users to dangerous sites.
Doctor Web researchers have discovered many bogus applications, which were known as well-known trademarks that spread Trojan, called Android.FakeApp.174. Following disclosure to Google, the company removed these applications.
Malicious applications were not installed by many users (about 1000). However, hackers could re-publish similar apps in the Play Store and use more dangerous methods, targeting banks and spreading fake news.
As Doctor Web researchers explain, "Victims may think that the false alert is real and clicks on it, which will redirect them to a phishing site where they will be asked for the name, credentials, addresses e-mail, bank card numbers, and other confidential information. "
Trojan Android.FakeApp.174 asks its victims to allow alerts under the guise that the user is not a bot. Once the user agrees to enable alerts for "verification purposes," the device owner will receive spam, with dozens of notifications sent from Chrome using Web Push technology.
This technology makes it possible to send notifications even when the browser is closed when the site is not open in the browser and even after removing the Trojan from the system.
"These messages appear in the device notification panel and may be mistaken for system messages. They may look like social media alerts, dating sites, news agencies and other well-known services, "according to Doctor Web.
Fraudsters use these camouflaged alerts to redirect users to dangerous websites where they can fool them to give them their login credentials or even more personal information such as credit card numbers.
His researchers Doctor Web they advise users to be alert about the notifications they receive and not to register with their information if their site is unknown or seems suspicious.