Authors: Cameron Abbott and Sara Zokaei Fard
Here’s one to keep and eye out for – research from ESET has discovered an Android Trojan that attempts to steal funds from PayPal accounts. The malware is distributed by third-party apps rather than the Google Playstore. Once the app is launched, no functionality is provided. Instead, the app terminates and the icon is hidden. When the victim launches their PayPal App, the malware attempts to steal funds.
The interesting thing about this malware is that unlike most, it does not focus on phishing. This malware attacks the victim and attempts to instantly transfer money to the attacker’s account, when the user launches their PayPal App. The malware is able to hijack the legitimate PayPal App through the malware downloaded through the third-party app. This raises concerns of what applications on Android mobile devices will be attacked next.