Industry News

Conference

04 Jan 2018

Android users being targeted by fake Uber app

Sam Clark

The security firm has analysed a recent version of the Android.Fakeapp malware variant, and found that hackers are tricking users into entering their passwords and phone numbers onto a fake version of Uber.

Millions of Android users around the world use Uber, meaning the discovery could affect a significant number of phone users globally.

The malware works by bringing up a screen on the user’s phone that matches the Uber user interface. It asks for a phone number and the user’s password, in order to log into the app. Once entered, these details are sent to the malware’s remote server.

It is at this point that the malware does something relatively unusual, according to Symantec. In order to avoid arousing suspicion, once details have been entered, the malware takes the user through to a legitimate Uber screen, showing his or her location, which is the expected result after logging in.

Clearly, as the malware is not the legitimate Uber app, it has to perform some trickery to get to this point. It does this, Symantec says, by using the ‘deep link URI of the legitimate app.’

A URI is similar to URLs used on the web, but for an app. These deep links take users to a specific piece of content within the app. For instance, in this case, the malware takes the user to Uber’s ride request page by using the URI ‘uber://?action=setPickup&pickup=my_location’.

Given the smart social engineering carried out through this malware, Symantec recommends making frequent backups, keeping software up to date, and paying attention to the types of permissions requested by apps.

This snippet of code shows the process through which the malware takes the user’s Uber credentials across to its server, then instructs Android to display the Uber ride request page.

View all Industry News
Loading

Sponsors

Platinum Sponsor

Platinum Sponsor

Keynote Theatre Sponsor

Theatre Sponsor

VIP Lounge Sponsor

Compliance & Change Detection Leader

Gold Sponsor

Gold Sponsor

Gold Sponsor

Gold Sponsor

Silver Sponsor

Silver Sponsor

Silver Sponsor

Silver Sponsor

Silver Sponsor

Bronze Sponsor

Bronze Sponsor

Bronze Sponsor

Bronze Sponsor

Bronze Sponsor

Partners

Knowledge Partner

Global Analyst Partner

Official TV Partner

Official Video Partner

Official News Release Distribution Partner

Security Education Partner

Event Partner

Event Partner

Event Partner

Event Partner

Event Partner

Event Partner

Event Partner

Event Partner

Media Partner

Media Partner

Media Partner

Media Partner

Media Partner

Media Partner

Testimonials

  • "The best thing of us part opportunity to meet with our partners and customers. We met with many relevant prospects from different verticals and get a sense of the market demand. I understand much more of what the customers in this region."
    CEO and Co-founder, Votiro
  • "Considering the large number of exhibitors at the show, the crowd at our booth is great and stayed consistent throughout the day. Delegates who visited our booth met our expectations and we gathered good leads too!"
    Malwarebytes, Sales Development Representative 
  • "There’s no other show like Cloud Expo Asia and Cloud & Cyber Security Expo that reaches out to two groups of different audience from both cloud and cyber security in the same venue which is exactly who our service offerings are for! We have been participating in both Cloud Expo Asia, Hong Kong as well as Cloud Expo Asia, Singapore and more than happy to be part of the next edition!"
    Technical Account Manager North Asia, Qualys
  • "We met our target audience including service providers and SI, we have lot of interest throughout both days which is great! The show is definitely a platform for us to meet APAC audience and catch up with our partners across the different shows here."
    Channel Manager – Strategic Alliance APAC, Webroot