New Android malware steals Uber credentials

Uber users are in danger again

New Android malware steals Uber credentials

Only a month ago, Uber users and drivers learned that their privacy might be put at risk due to the massive data breach.[1] However, this time security researchers warn about new Android malware that uses a sneaky method to steal user credentials, including a phone number or credit card details.

Researchers from Symantec[2] report that it’s a new variant of Android.Fakeapp malware which was originally detected in 2012.[3] However, it has updated numerous times, and the recently discovered version tries to steal users credentials by deep linking URL in the real Uber app.

According to the researchers, malware spreads via untrusted third-party app stores. Fortunately, it hasn’t affected many Uber users. However, people are advised to be careful and do not get trick by a new criminals’ trick.

Android malware uses a spoofed version of the Uber app

This recently discovered Android virus[4] uses a sophisticated technique to cover attempts to steal data. The malicious program triggers a fake Uber app user interface which asks a victim to enter his or her login and password. Entered credentials are immediately sent to a remote server, and might be used for further crimes.

However, developers created a malicious program in a way that it hides its attempts to steal data. Once a victim enters credentials and clicks “Next” button, the app shows a regular Ride Request activity screen with current user’s location. This activity is created using a deep linking technique which allows redirecting to the URL of the real app.

This sophisticated social engineering technique prevents users from suspecting criminals’ activity. They see a current location and can start searching for Uber to drive to the needed place.

However, just like other similar data-stealing malware, Android.Fakeapp also asks to enter credit card detail or enter a phone number. Thus, Android malware attack might lead to money loss and other privacy-related issues.

Protect yourself from mobile malware

Nevertheless, security experts say that mobile malware hasn’t affected many Uber users; it is still advised to remain vigilant and pay more attention to cyber security. Thus, we would like to remind the major security tips:

  • Do not download apps from third-party stores and stick to Google Play only.
  • Check the information about developers before downloading the app from Google Play Store. Sometimes malicious apps sneak into the official store.[5] Thus, double-checking information about developers is needed.
  • Read user reviews and comments outside the app store. Developers of malicious apps might create fake reviews or delete real ones. Thus, you should do your research.
  • Read app permissions before installing applications and avoid applications that require full access to your device, contacts, and other details that are not needed for the app to operate.
  • Install reputable mobile antivirus.
About the author
Lucia Danes
Lucia Danes - Virus researcher

Lucia is a News Editor for 2spyware. She has a long experience working in malware and technology fields.

Contact Lucia Danes
About the company Esolutions