Home > Blog > Beware of this malware while shopping online

Beware of this malware while shopping online

IamCheated.com Research Team | January 15, 2020  5:45:pm

A lot of people prefer shopping online as it is very convenient when compared to offline shopping. As the number of people shopping online increases, the risks of online shopping are also on the rise. Fraudsters have come up with new tricks to cheat people who shop online.

Recently, researchers from global cyber security and anti-virus brand Kaspersky, detected a new Trojan application which is boosting popular shopping app ratings and installations and spreading ads that annoy users. More than 14% of Indians have been affected by this malware dubbed as the `Shopper`.

This malicious app visits the app stores of the smartphones, downloads and launches applications and drops fake reviews on the user’s behalf. All this was done by the application, while hiding from the device owner.

At present, the real danger from this malicious app is limited to unsolicited ads, fake reviews, and ratings issued in the users name. But, we cannot say they would simply stick with this.

Because of this malicious app, you have to be really very careful while shopping online. A lot of online shoppers rely heavily on reviews while shopping online. But, because of this new Trojan application, you cannot fully trust what you see online as this app is boosting popular shopping app ratings and installations. It also spreads numerous ads.

At present, the focus of this app is only on retail, but it has the ability to allow criminals to spread fake information using users' social media accounts and other platforms. The researchers' attention was drawn to Trojan, dubbed `Shopper` following its extensive obfuscation and use of the Google Accessibility Service.

The service allows users to set a voice to read out app content and automate interaction with the user interface. This is designed to help people with disabilities. But, this feature presents a serious threat  the device owner in the hands of attackers

Once it has permission to use the service, the malware could gain almost unlimited opportunities to interact with the system interface and applications.

As soon as the permission is granted to use the service, the malware will get unlimited opportunities to interact with the system interface and applications. The malware will be able to capture data featured on the screen, press buttons and even copy user gestures. It is not yet certain how this malicious application is spreading. It is assumed that the malicious application might be downloaded by users from fraudulent ads or third-party app stores, while they were trying to download the genuine application.

With the intention of hiding itself from the device owner, the app masks itself as a system application and uses a system icon named `ConfigAPKs`

Once the screen of the victim's phone is locked the malicious app launches, collects information on the phone and sends it to the attacker`s servers. The server passes the commands for the application to get executed.

Not happy with a product or service? Just visit IndianMoney.com’s complaint portal IamCheated.com and post your issue. We’ll get in touch with the concerned entity and help you with the resolution. With an aim to spread awareness on fraudulent activities, we publish articles and videos on a regular basis. You can also publish reviews about companies on IamCheated.com.

CIBIL Meter