Security Alerts & News
by Tymoteusz A. Góral

History
#1590 Android banking trojan asks for selfie with your ID
In the first half of 2016 we noticed that Android banking Trojans had started to improve their phishing overlays on legitimate financial apps to ask for more information. Victims were requested to provide “Mother’s Maiden Name,” “Father’s Middle Name,” “Maternal Grandmothers Name,” or a “Memorable Word.” Attackers used that data to respond to security questions and obtain illegal access to the victims’ bank accounts.

Recently the McAfee Labs Mobile Research Team found a new variant of the well-known Android banking Trojan Acecard (aka Torec, due to the use of Tor to communicate with the control server) that goes far beyond just asking for financial information. In addition to requesting credit card information and second-factor authentication, the malicious application asks for a selfie with your identity document—very useful for a cybercriminal to confirm a victim’s identity and access not only to banking accounts, but probably also even social networks.
Read more
#1592 These free ransomware decryption tools have rescued data from 2,500 locked devices
#1591 Fantastic malware and where to find them
#1590 Android banking trojan asks for selfie with your ID
#1589 Beware of all-powerful DDoS malware infecting cellular gateways, feds warn
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12