Android banking malware stops you calling customer service to cancel your cards

Symantec describes some Android banking malware making things more complicated for victims in Russia and South Korea:

Typically, when a banking customer calls a customer care number through a registered mobile device, their call will be routed to an Interactive Voice Response (IVR) System. By blocking these numbers, the malware creators can stop a victim from asking their bank to cancel payment cards that the variants stole. This also gives the malware more time to steal data from the compromised device. Affected users can still find other channels, such as email or landline calls, to reach customer care.

We’re used to seeing malware preventing victims from reaching anti-virus company websites, now we have banking malware stopping you from calling the banks.

Although this particular malware appears to be targeting Russians and South Koreans, there is clearly the opportunity for this technique to be used elsewhere in the world.

Sign up to our free newsletter.
Security news, advice, and tips.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.