DONALD TRUMP'S LEAST-TRUSTED security company, Kaspersky Lab, is still looking to protect people everywhere and has issued a warning to users of Uber and Uber-like apps about some modified malware.
The firm says that the threat is an old one in new clothes. It is based on the mobile banking Trojan Faketoken, which is a known threat but has been tweaked to steal credentials from apps for nu-taxis.
"The mobile app market is growing, and offering more and more services that store confidential financial data, including taxi services and ride-sharing apps that require the user's bank card information. Being installed on millions of Android devices worldwide has made these apps attractive targets for cybercriminals, who have significantly extended the functionality of mobile banking malware," hollered the firm.
"The new version of Faketoken performs live tracking of apps and, when the user runs a specified app, overlays this with its phishing window to steal the bank card details of the victim. The Trojan has an identical interface, with the same colour schemes and logos, which creates an instant and completely invisible overlay."
So, if you are keeping a note of threats on your data, then make a note; apps for taxi-like applications are a new one. Kaspersky said that the criminals are targeting the most popular services, which must include Uber, with the malware and that infected users face SMS message redirection for password intervention and the threat of having all their comms recorded and sent off for bad purposes.
"The fact that cybercriminals have expanded their activities from financial applications to other areas, including taxi and ride-sharing services, means that the developers of these services may want to start paying more attention to the protection of their users," said Viktor Chebyshev, security expert at Kaspersky Lab.
"The banking industry is already familiar with fraud schemes and tricks, and its previous response involved the implementation of security technologies in apps that significantly reduced the risk of theft of critical financial data. Perhaps now it is time for other services that are working with financial data to follow suit.
"The new version of Faketoken targets mostly Russian users. However, the geography of attacks could easily be extended in the future. We have seen that with previous versions of Faketoken and other banking malware in the past." µ
Liberté, égalité, no piracy
We've had no luck so you don't have to...
Oh Microsoft... not again...
Hmmm... says Microsoft