Finland is worried that Android malware attacks could lead to bank account theft.

Finland issues a warning about bank account breaches caused by Android malware.


The Transport and Communications Agency of Finland (Traficom) is alerting about a movement of Android malware that is attempting to get into online bank accounts.

The agency has brought up several examples of Finnish-language SMS texts that tell people to call a number. The con artist who answers the phone tells victims to protect themselves by installing a McAfee app.

The messages say they come from banks or payment service providers like MobilePay, but they use fake technology to make it look like they come from a local network or telecom company.

The McAfee app, on the other hand, is malware that will let bad guys get into people’s bank accounts.

“According to reports received by the Cyber Security Center, targets are encouraged to download a McAfee application,” says the warning. (written by machine)

“The download link provides you entry to an APK app for Android devices that is not hosted in the Play Store.” But this isn’t security software; it’s malware that will be put on the phone.

big financial service provider in the country, OP Financial Group, has also put out a warning about the fake texts that claim to be from banks or the government.

The cops also warned of the danger, saying that the malware lets its owners access the victim’s bank account and move money around. One person lost 95,000 euros, which is about $102,000.

Traficom says that the effort only targets Android devices and that there isn’t a separate way for Apple iPhone users to get infected.

The Vultur virus thought to be

The Finnish government hasn’t said what kind of malware it is or shared any hashes or IDs for the APK files, but the attacks look a lot like the ones that Fox-IT experts recently reported were linked to a new version of the Vultur ransomware.

The latest version of Vultur has been making the rounds lately. It uses a mix of smishing and phone calls to get people to download a fake McAfee Security app. The end payload is delivered in three different parts so that it can be avoided.

Its newest features let you do a lot of things with files, abuse Accessibility Services, stop certain apps from running on the device, turn off Keyguard, and show custom messages in the status bar.

If you loaded the malware, you should call your bank right away to set up protections and reset the infected Android device to “factory settings” to get rid of all the data and apps.

OP says that they don’t ask customers to give out private information over the phone or install any apps to receive or stop payments. If you get a request like this, you should call the bank’s customer service and the police right away.

Google told BleepingComputer in the past that Play Protect, Android’s built-in anti-malware app, automatically protects against known versions of Vultur. This is why it’s important to keep it running all the time.

Comments are closed.