Search This Blog

An Android Malware's Robbing PayPal Accounts!



Security researchers have advised the Android users to keep a check on their PayPal accounts as quite recently, an Android malware has emerged which could easily dodge the security authentication of the application.

Not of late, a case got reported wherein a 1,000 pounds attempt at pilfering the victim’s PayPal account was made.

The attacking cyber-con enters the victim’s PayPal account on their own and easily penetrates the application’s Two-Factor-Authentication (2FA). There’s no role of harvesting login credentials.
 
The users, who have and haven’t activated their Two-Factor-Authentication, are susceptible to this attack alike.

The malware which is reportedly being distributed by a third party, primarily, has the Android’s PayPal app on its radar. Other malware with the same disposition have also been dug out.

By manipulating Android’s Accessibility Services is how the cyber-con behind it all, targets its aim on PayPal.

A researching organization got its hands on the malware which is distributed on third-party app stores and was concealed behind the veil of a battery optimization tool which goes by the name of “Optimization Android”.
Google Play Store has been a part of hearsay because of other malware that have been found on it which possess a similar flair for targeting banking apps.

The aforementioned malware’s key operation is to pilfer money from its target’s PayPal account by initiating a malicious service into the victim’s system.

And to activate this service a request is sent to the victim by the so called bland “Enable Statistics Service”.

If on a vulnerable device the official PayPal is downloaded, the malware would flash a notification to launch it.

The attacker need only wait for the user to log into the app. Once that happens, the “Accessibility Service” would start to impersonate the user’s click and will transfer the money from the victim’s account to the PayPal Address of the cyber-con.

According to the researchers, the attack doesn’t take more than seconds to fall through and in no practical reality can a user stop it in time.


The kind of currency that gets transferred hinges on the victim’s location. The work’s done within a short duration of 5 seconds.
 
The only loophole for the attackers and the only chance at the users’ safety is the kind of balance the victim has. That is, if there is less balance in the account than what the attacker has asked for and no payment cards attached to the account.

Every time the official PayPal application is launched onto the system, the improper “Accessibility Service” gets activated, making the device vulnerable to numerous more attacks.

PayPal has been officially contacted and informed about the erroneous makeup of the application and the risk the users entail.

Five other applications with an analogous disposition to the Optimization Android have been exposed in recent times, on the Google App store.

Rumor has it, that the users with this app already on their ‘downloaded apps’ list have potentially by now entered the trap and fallen prey to the attack.

A few users in Brazil have also come across this unfortunate attack.


Remedies And Advice From The Researchers
·         Keep on checking the application for any fishy transactions. If found, contact the PayPal Resolution Center and report the issue.
·         Keep track of the PayPal account balance.
·         It would really help to change the internet banking and connected e-mail passwords.
·         Try using “Android’s Safe Mode” and try uninstalling the app with the name, “Optimization Android”.
·         Keep your devices updated.
·         Keep a check on what permissions you grant to the application so downloaded.
·         Only use the official Google Play Store App to download other applications.


Share it:

Android Malware

PayPal