/security

News and resources on cyber and physical threats to banks and fintechs worldwide.

New malware strain hits Eastern Asia

A new phishing malware strain that mimics legitimate apps to steal user credentials and banking data has emerged in Eastern Asia.

Be the first to comment

New malware strain hits Eastern Asia

Editorial

This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.

Typically delivered via e-mail, the 'FluHorse malware operates via a set of malicious Android applications, each of which mimics a popular and legitimate app with over 100,000 installs.

Uncovered by CheckPoint Research, these malicious apps are designed to extract sensitive information, including user credentials and Two-Factor Authentication (2FA) codes.

The apps mimicked by the FluHorse carrier apps are 'ETC,' a toll-collection app used in Taiwan, and 'VPBank Neo,' a banking app in Vietnam. Both legitimate versions of these apps have over a million downloads each on Google Play.

Cybercriminals often opt for popular apps with a high number of downloads to maximize the impact of their attack and gain greater traction.

Checkpoint discovered multiple high-profile entities among the recipients of these specific emails in this attack, including employees of the government sector and large industrial companies.

FluHorse comes as the Apac region is experiencing a major increase in cyberattacks - in the first quarter of 2023, the average organization in Apac was attacked 1,835 times per week according to Check Point Research. This is a 16% increase over the first quarter of 2022.

Sponsored [Webinar] SaaS savvy: Preparing for embedded and data driven bank payments

Related Company

Comments: (0)

[Webinar] Solving the KYC challenge with end-to-end processesFinextra Promoted[Webinar] Solving the KYC challenge with end-to-end processes