Beware: Evolving Android Malware Can Intercept Your Bank Calls

Imagine a villain in a thrilling series who emerges more powerful after every defeat—this is the reality with a dangerous Android malware known as FakeCalls. Just when cybersecurity experts think they’ve cracked its code, it adapts and evolves, posing an even greater threat to users.

The Latest Threat: Call Hijacking

Initially reported earlier this year for impersonating major financial institutions, FakeCalls has received a significant upgrade. Recent findings reveal that this malware is now capable of hijacking calls made to your bank using Android devices. This development raises alarms about the potential for financial fraud and identity theft.

FakeCalls operates as a banking trojan, specializing in voice phishing—deceptive calls that impersonate banks to trick victims into revealing sensitive information. The older versions of this malware prompted users to call their bank through a fraudulent app. However, the latest iteration has taken a more sinister approach by setting itself as the default call handler on the device.

Understanding Default Call Handlers

The default call handler app manages all incoming and outgoing calls on your device, allowing users to answer, reject, or initiate calls. Granting these permissions to a malicious application can lead to serious security breaches. When users unknowingly allow the app to take control of their call handling, the malware is free to intercept and manipulate both outgoing and incoming calls.

According to a report by Zimperium, when a victim attempts to call their bank, the malware redirects the call to a number controlled by the attacker. The app presents a convincing fake call interface that mimics the legitimate Android dialer, complete with the real bank’s contact information. This level of deception makes it exceedingly difficult for victims to realize they are being manipulated.

Capabilities of the Evolving Malware

Beyond call hijacking, FakeCalls has the ability to steal personal data by leveraging Android’s Accessibility permissions. This grants the malware extensive control over the device, enabling it to:

• Livestream the device’s screen.
• Take screenshots.
• Unlock the device if it’s locked.
• Temporarily disable the auto-lock feature.
• Simulate pressing the home button and delete specific images.
• Access, compress, and upload photos from the device’s storage, particularly from the DCIM folder.

Protecting Yourself from FakeCalls

As the threat of FakeCalls continues to grow, here are essential steps you can take to protect yourself:

1. Install Robust Antivirus Software: While Android offers built-in malware protection through Play Protect, it is not foolproof. Consider additional antivirus solutions to ensure comprehensive coverage against evolving malware threats.
2. Download Apps from Trusted Sources: Always download applications from reliable sources like the Google Play Store. Avoid installing apps from unknown links or unofficial websites, as these can often harbor malicious software.
3. Review App Permissions: Be vigilant about the permissions requested by apps. If an app asks for access that seems unnecessary for its functionality, it could indicate malicious intent. Avoid granting Accessibility permissions unless absolutely necessary.
4. Keep Software Updated: Regularly update your device’s operating system and applications to ensure you have the latest security patches and protections against vulnerabilities.
5. Monitor Financial Activity: Regularly check bank and credit card statements for unauthorized transactions. Setting up alerts for account activity can help you identify suspicious behavior promptly.
6. Avoid Sensitive Transactions on Mobile: Limit high-risk transactions on mobile devices, particularly when using public or unsecured Wi-Fi. Opt for secure computers or contact your bank directly via verified numbers for sensitive matters.

The Hidden Costs of Free Apps

As hackers continuously refine their tactics, the responsibility falls on Android manufacturers and Google to enhance security measures. The frequency of Android malware attacks starkly contrasts with the relative safety experienced by iPhone users.