Fake Banking App Utilized In SMiShing Scheme

A SMiShing scheme was identified by researchers at Trend Micro which targets Spanish speaking users connected to Banco Bilbao Vizcaya Argentaria (BBVA).

Security researchers at Trend Micro provided details about a fake banking app on the Google Play store dubbed “Movil Secure.” It was mentioned that the developers went to great lengths to try and trick users into believing it was legitimate. There were also three other apps in the store which were linked to the same developer. From the date of when the malicious app became available, it was downloaded over a hundred times in a six day time frame. The developers were targeting Spanish speaking customers of the Banco Bilbao Vizcaya Argentaria (BBVA). After the app is download by an unsuspecting victim, the infection process begins. It collects and sends device information back to a command and control server. For full technical details, refer to Trend Micro’s article.

Indicators of Compromise

SHA256

C&C

Jason Davies

UK based technology professional, with an interest in computer security and telecoms.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: