Service receive & sending SMS

New Android virus manages PayPal accounts

1398   |     /   Security

New Android virus manages PayPal accounts
ESET security researchers have discovered a new dangerous Android Trojan that masquerades as a performance-enhancing application. His goal: robbing a victim blindly by gaining access to PayPal accounts. Even two-factor authentication accounts are not secure.

To prevent attackers from reaching your bank accounts via a mobile number, use the "receive SMS online" service to confirm registrations on unfamiliar sites.

This is how ESET says how the malware works. When the user starts the application, it immediately crashes. In fact, it is still running in the background. Then a fake Android security prompt appears asking you to include what looks like a legit statistics service. In fact, the user gives access to a function that allows a malicious program to do its dirty work.

If the malware finds the PayPal application installed on the victim’s phone, then it will go to a new level. A warning appears prompting the user to log into PayPal. After entering the system, the malware uses the accessibility service to simulate user input in the PayPal application. These invisible actions try to send money to the attacker's own PayPal accounts.

Two-factor authentication cannot protect PayPal victims from this particular attack. Because it is part of the sign-in process they are used to. If the user liked the fake notification, punching in the 2FA code will seem like a completely normal thing, especially if it is done right in the PayPal application.

According to ESET researchers, the malware tried to transfer a whopping 1,000 euros. The amount and type of currency are adjusted depending on the location of the victim. If the PayPal balance is too low and there is no source of financing connected to the user account, the attack will fail.

The trojan does not stop there. He has other tricks up his sleeve.

ESET noted that malware will also carry out so-called overlay attacks. This is a form of phishing that attempts to trick users into entering payment card information on a screen that apparently belongs to a legitimate application. This particular trojan acts as Gmail, Skype, Whatsapp, Viber and several banking applications.

There have already been many similar malicious programs for Android, and most users do not need to worry about infection. ESET detected the trojan only in third-party app stores. Stick to Google Play for your apps and games and you won’t fall for it.

Similarly, such Trojans can control other popular electronic money systems, such as webmoney, Yandex money and others.

Similar news

The worst passwords of 2018

Making a really good password is not easy. Worse, this is a task that many people find not so important. You only need to look at the list of the most common passwords of this year for proof.

New virus for hacking uses meme pictures

Now you are unlikely to be able to scroll through the entire news feed without meeting at least one meme. They are everywhere, and they are not just sent to laugh.

Windows Sandbox Bulletproof Malware Protection

It is probably hard to say which applications are safe and trustworthy and which are not. Installing a program that turns out to be malicious, and there is no way to undo actions? This may change soon if your computer is running Windows 10 Professional.


This is not only a service for receiving and sending SMS messages to virtual numbers, but also a tutorial on user safety in the modern world, the latest developments in IT, social media security, fresh programs and lessons that simplify our lives. So are other issues encountered by the average user. In simple words, each user will find for themselves something interesting or answers to their questions.

SIMonline © 2018 - 2024

All rights reserved