MOSCOW, December 20. /TASS/. “Kaspersky lab” has detected a new modification of the mobile banking “Trojan” Faketoken, which under the guise of games and programs, including Adobe Flash Player, steals information from more than 2,000 financial apps for Android. According to a press release, victims of the new virus were more than 16 thousand people in 27 countries, mostly users from Russia, Ukraine, Germany and Thailand.
the experts of “Kaspersky Lab” note that the ability to encode information not typical for a banking “Trojan”. The majority of these mobile malware will block the device itself, not the data on it, because they can be stored in the cloud. Faketoken, however, encrypts this data, and both the documents and media files (including image, music and video).
When infected device, the Trojan asks for administrator rights, the right to block the Windows of other applications or become the default app for handling SMS. In case of failure a dialog box constantly restarts, in the end, the user has just to accept.
“Trojan” steals data in almost any language: after rights are obtained, it loads the database with the phrases in 77 languages, for different locations of the device. Faketoken uses this phrase to generate phishing emails and steal passwords from Gmail accounts. It is also able to close the window the Google Play Store to steal credit card information of the victim.