Android malware intercepts calls to banks, redirecting victims to fraudulent numbers

FakeCall malware alters bank calls, posing serious risks to Android users.

FakeCall is a dangerous Android malware that intercepts calls to banks, redirecting them to fraudulent numbers. It deploys advanced obfuscation techniques and deceptive interfaces to extract personal data. Zimperium researchers detected 13 new variants showcasing substantial developments. The malware hijacks phone calls by becoming the default call handler.

The FakeCall malware emerges as a grave threat to Android users, utilizing sophisticated techniques to intercept bank calls. First identified in 2022, it has evolved to include 13 new variants, alarming researchers with its advanced obfuscation and call simulation tactics.

Employing dynamic decryption and a .dex file for concealing malicious code, FakeCall generates a fake interface that mimics real banking interfaces. This allows it to redirect victims’ calls to numbers controlled by attackers as an extension of voice phishing strategies.

The malware infiltrates devices through phishing attacks, installing a dropper to deploy its payload. Researchers from Zimperium note new components like a Bluetooth Receiver and Accessibility Service that enhance the malware's control, making it increasingly sophisticated and harder to detect.
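For triage, the traits described above (default call handler, Accessibility Service, Bluetooth receiver) can be looked for in an app's decoded AndroidManifest.xml. The following is an added example, not code from Zimperium or the original article; the sample manifest, its package and class names, and the `needs_review` heuristic are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # android: attribute namespace

# Constructed sample manifest (hypothetical package and class names).
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.sample">
  <application>
    <activity android:name=".Dial">
      <intent-filter>
        <action android:name="android.intent.action.DIAL"/>
        <data android:scheme="tel"/>
      </intent-filter>
    </activity>
    <service android:name=".Calls"
        android:permission="android.permission.BIND_INCALL_SERVICE">
      <intent-filter><action android:name="android.telecom.InCallService"/></intent-filter>
    </service>
    <service android:name=".Assist"
        android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/>
    <receiver android:name=".Bt">
      <intent-filter>
        <action android:name="android.bluetooth.adapter.action.STATE_CHANGED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""

def manifest_traits(xml_text):
    """Return which call-handling and control components a manifest declares."""
    traits = set()
    for comp in ET.fromstring(xml_text).iter():
        actions = {a.get(A + "name", "") for a in comp.iter("action")}
        schemes = {d.get(A + "scheme") for d in comp.iter("data")}
        perm = comp.get(A + "permission", "")
        if comp.tag == "activity" and "android.intent.action.DIAL" in actions and "tel" in schemes:
            traits.add("dial_activity")        # can be offered as the dialer UI
        if comp.tag == "service" and perm == "android.permission.BIND_INCALL_SERVICE":
            traits.add("in_call_service")      # receives calls once set as default
        if comp.tag == "service" and perm == "android.permission.BIND_ACCESSIBILITY_SERVICE":
            traits.add("accessibility_service")
        if comp.tag == "receiver" and any(a.startswith("android.bluetooth.") for a in actions):
            traits.add("bluetooth_receiver")   # any Bluetooth broadcast (assumption)
    return traits

def needs_review(traits):
    """Heuristic (assumption): a default-dialer candidate that also ships an
    accessibility service. Legitimate dialers match the first half only."""
    return {"dial_activity", "in_call_service", "accessibility_service"} <= traits
```

A match is a reason to inspect the app, not a verdict. When the manifest comes from an untrusted sample, parse it with a hardened XML parser such as defusedxml.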