FakeCall

Malware updated a month ago (2024-11-29T13:57:49.448Z)
Download STIX
Preview STIX
FakeCall is a highly sophisticated malware specifically designed to target mobile devices, particularly Android platforms. It operates by hijacking call functions on these devices, and has the ability to intercept and manipulate both outgoing and incoming calls. Using a command-and-control (C2) server, it issues commands and executes actions covertly on the infected device. This malware is known for its advanced use of vishing (voice phishing), exploiting unique mobile features like voice and SMS capabilities. It's identified as Android/Trojan.Banker.Fakecall by Malwarebytes for Android, indicating its primary function as a banking Trojan. The FakeCall malware is notably versatile and deceptive. It tricks users by mimicking the Android dialer and showing trusted contact information, thereby creating an illusion of authenticity. Its primary exploitation tactic involves hijacking calls made to financial institutions and redirecting them to scammers. This is achieved through the Monitoring Dialer Activity service which monitors events from the com.skt.prod.dialer package, allowing it to detect when the user is attempting to make calls. In previous versions, FakeCall tricked users into calling scammers by displaying a fake bank screen with the real bank's number. The distribution of FakeCall primarily occurs through fake banking apps that impersonate large financial institutions, as well as through phishing emails. Upon installation, the latest version of FakeCall sets itself as the default call handler, thereby gaining control over all outgoing calls. Furthermore, it has the capability to access live audio and video streams from the infected devices, posing significant privacy risks. The last reported surge of this malware was documented by BleepingComputer, highlighting its recurring threat to Android users.
Description last updated: 2024-10-31T22:02:53.892Z
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
Phishing
Android
Trojan
Vishing
Tool
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the FakeCall Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more