NEWS
NEWS
NEWS
New Acecard trojan malware asks victims to pose for selfies with their ID cards
A new variant of the Acecard trojan malware for Android has been discovered that asks gullible Android users to pose for selfies with their ID cards.
The trojan itself was first discovered in February and asked answers that can be used to break into bank accounts, such as “mothers maiden name,” along with credit card information and second-factor authentication. The new version discovered by McAfee Labs’ Mobile Research Team asks for a selfie photo along with a users’ identity document, giving those behind the trojan not only access to the victim’s identify but also potentially to social networks as well.
Installation of the trojan comes via fake apps pretending to provide adult videos or a codec or plug-in necessary to see a specific video, and once installed asks for device administrator privileges before hiding itself, making it difficult to remove.
Once installed, the malware then presents a phishing overlay that pretends to be Google Play. It then asks for a victim’s credit card number, followed by personal and credit card information such as the credit card holder’s name, date of birth, phone number, credit card expiration date and CCV code.
The new version then asks those who live in Hong Kong for a copy of the their government ID card complete with a selfie, or if they live in Singapore their National Registration Identity Card and passport.
Multiple services
Acecard doesn’t stop with targeting Google Play. It has also been found to collect access credentials using fake logins from social media apps such as Facebook, WhatsApp, WeChat, Line and Viber, along with other apps including Dropbox, Google Music, Google Books and Google Videos.
“Android banking Trojans such as Acecard are constantly evolving and improving their social engineering attacks to gain as much sensitive and private information as possible,” the McAfee team notes. “Attackers want not only a victim’s credit card information and different factors of authentication to financial services, but also a picture of the victim with identity document to remotely access to different systems.”
McAfee advises users to protect themselves by having security software installed on their smartphones, avoiding downloading apps from untrusted sources and not providing details to screens that ask for personal and financial information.
Image credit: McAfee
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
