Android banking malware blocks victims’ outgoing calls to customer service
Newer variants of the Android.Fakebank.B family arrived with call-barring functionality. The feature aims to stop customers of Russian and South Korean banks from cancelling payment cards that the malware stole. Once installed, the new Android.Fakebank.B variants register a Broadcast Receiver component that gets triggered every time the user tries to make an outgoing call. If the dialed number belongs to any of the customer service call centers of the target banks, the malware programmatically prevents the call from being placed.
Original source: Symantec. Read the full article >>>
The IntactPhone Protection
The IntactPhone provides several defense layers to address similar attacks. The first defense is the integrated leading anti-malware application that blocks the malware from penetrating the device. The second layer is apps installation only via the command and control center, thus eliminating the possibility of careless, unintentional installation of the malware. The third layer is derived by the internal phonebook that allows calls between enrolled devices with spoofed names. As such, there is no way to block the communications between enrolled users as there are no ways, a priori, of knowing what their names are and forcing a blocking mechanism.