Fake Android shopping apps steal bank account logins, 2FA codes

Researchers say that malicious Android applications disguised as legitimate shopping apps are stealing Malaysian bank customers’ financial data. 

On Wednesday, ESET’s cybersecurity team published new research documenting three separate apps targeting customers of eight Malaysian banks.

In the campaign, first identified in late 2021, the attackers began by distributing a fake app pretending to be Maid4u, a legitimate cleaning service brand. The cyberattackers responsible created a website with a similar name, a technique known as typosquatting, and tried to lure potential victims into downloading the malicious Maid4u app.

Paid Facebook Ads were used to further the domain’s appearance of legitimacy and to work as a distribution method. 

In January, MalwareHunterTeam shared a further three websites operating in the same vein, and at the time of writing, the campaign is still ongoing. ESET has since found another four malicious websites that mimic legitimate Malaysian shopping and cleaning services. 

Grabmaid, Maria’s Cleaning, Maid4u, YourMaid, Maideasy, and MaidACall are all being impersonated alongside PetsMore, a pet shop. Five of the abused services do not have an app on Google Play. 

The malicious domains don’t allow customers to purchase products or services directly. Instead, the attack vector is a button that claims

Read More: https://www.zdnet.com/article/fake-android-shopping-apps-steal-bank-account-logins-2fa-codes/#ftag=RSSbaffb68