Threat actors have been distributing malicious applications under the guise of seemingly harmless shopping apps to target customers of eight Malaysian banks since at least November 2021.
The attacks involved setting up fraudulent but legitimate-looking websites to trick users into downloading the apps, Slovak cybersecurity firm ESET said in a report shared with The Hacker News.
The copycat websites impersonated cleaning services such as Maid4u, Grabmaid, Maria’s Cleaning, Maid4u, YourMaid, Maideasy and MaidACall and a pet store named PetsMore, all of which are aimed at users in Malaysia.
“The threat actors use these fake e-shop applications to phish for banking credentials,” ESET said. “The apps also forward all SMS messages received by the victim to the malware operators in case they contain 2FA codes sent by the bank.”
The targeted banks include Maybank, Affin Bank, Public Bank Berhad, CIMB bank, BSN, RHB, Bank Islam Malaysia, and Hong Leong Bank.
images from Hacker News