‘Virtual girlfriend’ and ‘panda banker’ have crept into the Indian cyberspace. - Getty Images/iStockphoto
Two social media-triggered spyware viruses, ‘virtual girlfriend’ and ‘panda banker’, have crept into the Indian cyberspace and can steal a user’s banking details and secret data once activated unknowingly, a cyber security advisory has said.
The more notorious one is the personal data-stealing virus ‘virtual girlfriend’, which “infects” a user’s Android-based smartphone via the popular social media site Twitter. “There have been reports of a new android malware family which is being spread disguised as an adult game known as virtual girlfriend through Twitter,” the Computer Emergency Response Team of India (CERT-In) said in its latest advisory. “This malware has the capability to steal the user’s data on to the C2 server (command and control server used by the virus),” it said.
Virtual Girlfriend
CERT-In is the nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian internet domain. The advisory said that the “primary source of this malware is Twitter” and there are multiple handles (possibly bots) on this micro-blogging site that “have been sharing” the short link to this malware to entice users into installing it on their devices.
“The short link leads to the website hxxp://miakhalifagame[.]com/,” it said. The agency said the malware cons the user by flashing a message that it is being uninstalled; instead, it “hides” its icon from the app (application) drawer and continues to run silently in the background.
It then steals the Android phone user’s mobile number, account details, installed app list, contacts and SMSes, the advisory said. Once the classified information is compromised, the person becomes more vulnerable to cyber frauds that may lead to the user’s money being robbed and personal details such as photos and message content being compromised, a cyber security expert said.
Panda Banker
Similarly, the other spyware that has been noticed on the Internet is the ‘panda banker’, a spin-off of the Zeus banking trojan malware (a prominent hacking virus). “It leverages man-in-the-browser or web inject attack techniques to steal user’s banking credentials,” the advisory said.
The malware, it said, generally spreads via unscrupulous attachments or via exploit kits (malicious snooping virus programmes) such as the “angler”, “nuclear” and “neutrino” exploit kits. “Though, the prime-targeted sector of this malware is financial sector and crypto currency sites, it also expands its attack in different organisation sectors like social networking sites, search, e-mail and adult sites,” it said.
Once successfully installed, this virus starts analysing the victim’s system to get information such as name of anti-virus, computer name, spyware installed, username, local time, among others, and sends this data to the C2 server, it said.
The malware finally starts performing unauthorised, malicious activities such as stealing banking credentials, generating fraudulent transactions using an automatic transfer system (ATS), web injects, installing ransomware and crypto mining, among others.
Safety measures
CERT-In has advised users to follow safe browsing practices and to deploy certain countermeasures to thwart the two viruses. “Don’t open attachments in unsolicited e-mails, even if they come from people in your contact list and never click on a URL (universal resource locator) contained in an unsolicited e-mail, even if the link seems benign.” “In cases of genuine URLs close out the e-mail and go to the organisation’s website directly through browser,” the cyber security watchdog said.
It made a specific suggestion that prior to downloading or installing apps on Android devices (even from the Google Play Store), one should always review the app details, number of downloads, user reviews, comments and the additional information section there.
Users should also “enable” two-factor authentication for their Google or other accounts and should use device encryption or encrypt the external SD card, it said, adding that one should avoid using unsecured, unknown Wi-Fi networks.