{"id":2027,"date":"2018-12-17T04:58:32","date_gmt":"2018-12-17T04:58:32","guid":{"rendered":"https:\/\/www.positivenewstrends.com\/?p=2027"},"modified":"2019-04-11T09:28:36","modified_gmt":"2019-04-11T09:28:36","slug":"android-trojan-deceives-two-face-authentication-of-paypal-accounts","status":"publish","type":"post","link":"https:\/\/www.positivenewstrends.com\/news\/android-trojan-deceives-two-face-authentication-of-paypal-accounts\/","title":{"rendered":"Android Trojan Deceives Two Face Authentication of PayPal accounts"},"content":{"rendered":"
Android optimizing apps are often deemed as smart, ambitious & high performing tools. Optimization tools are deployed on smart phones to improve device performance & eliminate storage issues. Hence, make the device more responsive & primed for any situation.<\/p>\n
Reckoning the merits & popularity of android optimizing tools, manipulators pioneered a malware masquerading as a battery optimization tool to yank user\u2019s chain.<\/p>\n
The nasty Trojan is distributed via third party app stores & not the official Google play Store. Users of official PayPal app act as a sitting duck for this gusty Trojan.<\/p>\n
Once the rogue application is launched, it encounters you with an endless array of negatives. Its threat behavior can be categorized in two major parts.<\/p>\n
\u00a0<\/strong>During installation, the deceptive app requests access to Android\u2019s accessibility permission<\/strong> to build a strong base. This request is presented to the user via Enable statistics<\/strong> service that appears unimpeachable.<\/p>\n If the user agrees to provide the app access to this utmost dangerous feature, it empowers the malevolent app to emulate taps & OS interactions.<\/p>\n The compromised device that has PayPal app installed lands in a pickle. The malware displays a notification alert prompting users to launch PayPal app. Once user logs in PayPal app<\/strong>, the Trojan abuses the Accessibility service<\/strong> to mimic screen taps to transfer money to attacker\u2019s PayPal account.<\/p>\n The whole process takes around 5 seconds which leaves no feasible way for unsuspecting user to intervene. The process includes:<\/p>\n The Trojan is coded such that the automated transaction takes place each time the user accesses their PayPal account.<\/p>\n Since the malicious script relies on users to log into the official payment app rather than stealing login credentials, those who have secured their PayPal app with two-factor authentication (2FA), are equally vulnerable as those not using 2FA.<\/p>\n Insufficient PayPal balance or no payment card connections to the account are the only two ways to fail the malign script.<\/p>\n\n
Overlaying the screen of Legitimate apps with Phishing Screen<\/strong><\/h2>\n