Security researchers have advised Android users to keep a check on their PayPal accounts, as an Android malware has recently emerged that can easily dodge the application's security authentication.
In one reported case, an attempt was made to steal 1,000 pounds from the victim’s PayPal account.
The attacker gets into the victim’s PayPal account directly and easily gets past the application’s Two-Factor Authentication (2FA). Harvesting login credentials plays no part.
Users who have activated Two-Factor Authentication and users who have not are equally susceptible to this attack.
The malware, which is reportedly being distributed by a third party, primarily targets Android’s PayPal app. Other malware of the same kind has also been uncovered.
The attacker behind it targets PayPal by manipulating Android’s Accessibility Services.
A research organization got its hands on the malware, which is distributed on third-party app stores and was disguised as a battery optimization tool that goes by the name of “Optimization Android”.
The Google Play Store has also been talked about because other malware with a similar focus on banking apps has been found on it.
The key operation of this malware is to steal money from its target’s PayPal account by starting a malicious service on the victim’s system.
To activate this service, a request is sent to the victim under the bland-sounding name “Enable Statistics Service”.
If the official PayPal app is installed on a vulnerable device, the malware displays a notification prompting the user to launch it.
The attacker need only wait for the user to log into the app. Once that happens, the “Accessibility Service” starts to imitate the user’s clicks and transfers money from the victim’s account to the attacker’s PayPal address.
According to the researchers, the attack takes no more than seconds to go through, and in practice a user cannot stop it in time.
The currency that gets transferred depends on the victim’s location. The work is done within a short duration of 5 seconds.
The only weak point for the attackers, and the users’ only chance of safety, is the victim’s balance: that is, when the account holds less than the amount the attacker has asked for and no payment cards are attached to it.
Every time the official PayPal application is launched on the system, the malicious “Accessibility Service” is activated, leaving the device vulnerable to numerous further attacks.
PayPal has been officially contacted and informed about the flaw in the application and the risk its users face.
Five other applications of a similar nature to Optimization Android have recently been exposed on the Google App store.
Rumor has it that users who already have this app on their ‘downloaded apps’ list have potentially entered the trap by now and fallen prey to the attack.
A few users in Brazil have also come across this attack.
Remedies And Advice From The Researchers
· Keep checking the application for any suspicious transactions. If you find any, contact the PayPal Resolution Center and report the issue.
· Keep track of the PayPal account balance.
· It would really help to change the internet banking and connected e-mail passwords.
· Try using “Android’s Safe Mode” and try uninstalling the app named “Optimization Android”.
· Keep your devices updated.
· Keep a check on what permissions you grant to the applications you download.
· Only use the official Google Play Store app to download other applications.
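
A defender-side check that follows from the advice on permissions above, added here as an example and not taken from the researchers: it lists every enabled Accessibility Service together with the source its app was installed from, working on the text output of `adb shell settings get secure enabled_accessibility_services` and `adb shell pm list packages -i`. The package names, the `reviewed` allowlist and the sample output are constructed for illustration.

```python
import re

PLAY_STORE = "com.android.vending"  # installer package name of the Google Play Store

def parse_enabled_services(raw):
    """Split the colon-separated 'package/class' setting into (package, class) pairs."""
    raw = raw.strip()
    if not raw or raw == "null":      # the setting is empty or 'null' when nothing is enabled
        return []
    return [tuple(comp.partition("/")[::2]) for comp in raw.split(":") if comp]

def parse_installers(pm_output):
    """Map package name -> installer from 'pm list packages -i' lines."""
    installers = {}
    for line in pm_output.splitlines():
        m = re.match(r"package:(\S+)\s+installer=(\S+)", line.strip())
        if m:
            installers[m.group(1)] = m.group(2)
    return installers

def flag_services(raw_services, pm_output, reviewed=frozenset()):
    """Return (package, class, installer, priority) for each service not yet reviewed.

    Services from apps installed outside the Play Store are 'high' priority.
    Play Store installs are still listed as 'review', because the store
    origin alone does not show that an accessibility service is benign.
    """
    installers = parse_installers(pm_output)
    findings = []
    for pkg, cls in parse_enabled_services(raw_services):
        if pkg in reviewed:
            continue
        source = installers.get(pkg, "unknown")
        priority = "review" if source == PLAY_STORE else "high"
        findings.append((pkg, cls, source, priority))
    return findings

# Constructed sample output (hypothetical packages, not real indicators).
SAMPLE_SERVICES = ("com.google.android.marvin.talkback/"
                   "com.google.android.marvin.talkback.TalkBackService:"
                   "com.example.batteryopt/.StatsService:"
                   "com.example.cleaner/com.example.cleaner.A11yService")
SAMPLE_PM = """package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.batteryopt  installer=null
package:com.example.cleaner  installer=com.android.vending"""

if __name__ == "__main__":
    for finding in flag_services(SAMPLE_SERVICES, SAMPLE_PM,
                                 reviewed={"com.google.android.marvin.talkback"}):
        print(finding)
```

An enabled service flagged `high` belongs to an app that did not come from the Play Store and should be checked first in Settings under Accessibility.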