FakeSpy Android Information-Stealing Malware Targets Japanese and Korean-Speaking Users

Spoofing legitimate mobile applications is a common cybercriminal modus that banks on their popularity and relies on their users’ trust to steal information or deliver payloads. Cybercriminals typically use third-party app marketplaces to distribute their malicious apps, but in operations such as the ones that distributed CPUMINERBankBot, and MilkyDoor, they would try to get their apps published on Google Play or App Store. We’ve also seen others take a more subtle approach that involves SmiShing to direct potential victims to malicious pages.

Read more…
Source: Trend Micro