The Android banking Trojan, which the researchers named Fakecalls, has a powerful feature that allows them to call the bank’s customer support number and directly connect the victim to cybercriminals using malware.

In the guise of the mobile app of the popular bank Fakecalls, it displays all the markings of the organization it publishes, including its official logo and support number.

When the victim tries to call the bank, the malware disconnects and shows the call screen, which is almost no different from the real one. When the victim sees the real number of the bank on the screen, cybercriminals are contacted, who can act as the representative of the bank’s customer service and obtain information that will allow them to access the victim’s funds.

Mobile banking Trojan Fakecalls can do this because during installation it requests various permissions which gives access to contact list, microphone, camera, geolocation and call management. The malware emerged last year and targeted users in South Korea, customers of popular banks like KakaoBank or Kookmin Bank (KB), security researchers said in today’s report.

While the malware has been active for some time, it has received little attention – possibly due to its limited geography – despite its fake call feature, which marks a new step in the development of threats to mobile banking. Source