There have been Vietnamese users who lost billions of dong because of installing fake software.

As reported by VietNamNet, a representative of the Department of Information Security, Ministry of Information and Communications, said on July 5 that in the past week, a campaign has been spreading on Vietnamese cyberspace to trick people into installing fake apps of the Government and the General Department of Taxation.

According to analysis by experts from the Department of Information Security, in the above-mentioned campaign of fraudulent ".apk" malware apps impersonating the General Department of Taxation and the Government app, the group used nearly 195 different systems to defraud people.

On the evening of July 7, along with updating new information about the increase in the number of users whose bank accounts were hijacked due to downloading and installing fake software, expert Vu Ngoc Son, Technical Director of NCS Company, also explained how malware can help hackers remotely control and execute money transfer orders on the victim's phone.

Specifically, according to the explanation of expert Vu Ngoc Son, normally, each application on the phone is created a "sandbox" by the operating system to execute. That helps this application not to read data nor interfere with the operation of other applications. This high-security design helps that in case the phone is infected with malware, the malware cannot steal data from applications on the device.

However, a Google design in Android called Accessibility Service, which is intended to help people with visual impairments or mobility loss use smartphones, has been exploited by hackers. Hackers use Accessibility Service to program malicious code that can read content and interact with other applications. This has broken Google's "sandbox" security design.

Although Google quickly recognized the danger of Accessibility Service by removing almost all applications using this permission on Google Play, hackers once again found a loophole, which is to distribute software on unofficial markets - where all of Google's censorship measures cannot interfere.

“This is also the reason why the malware that stole money from bank accounts in recent incidents in Vietnam is not available on Google Play, but is posted on direct download links for .apk files. In this way, the scammer will trick users into granting Accessibility rights to the fake application. After being granted rights, the fake application can act as a spy, collect information, even control banking applications, enter accounts, passwords, and then OTP codes to transfer money,” expert Vu Ngoc Son analyzed.

Based on the "decoding" of the operating mechanism of the malware installed in fake Government and General Department of Taxation apps, expert Vu Ngoc Son recommends that users should be vigilant with software installation requests, especially software on Android, during this time. In particular, absolutely do not grant Accessibility rights. All applications of banks, taxes or any other agencies do not require users to have this right.

Sharing more about the form of fraud, appropriating users' assets by tricking them into installing fake apps containing malware, NCS Company experts assessed that this is not a new form of attack, hackers often impersonate an agency or organization to trick users into installing fake apps on their phones.

In addition, currently fake applications only work on the Android operating system, the software download link is outside the CHPlay application market. iPhone phones currently do not allow installation from sources outside the Apple Store application market, so they are not attacked in this way.

To avoid this scam, experts recommend that users pay attention to some principles, which are: With Android phones, only install applications by going directly to CHPlay and finding the corresponding software there. Similarly, with iPhone phones, users only install from the Apple Store.

In addition, users should not click on links received via text messages. In case of doubt, users need to verify with relevant agencies and organizations through the officially published phone number.

(Source: Vietnamnet)