Mystery Shopper Joins Winter Sales Period

As winter sales hit the stores, both the users and brands need to be wary. Shoppers rely heavily on reviews, while retailers increase their promotion and advertising budgets during this period.

Kaspersky researches have detected a new Trojan application which terrorises users with unsolicited advertisements and boosts popular shopping app ratings and installations of online shopping applications – fooling both users and advertisers. This malicious app visits smartphone app stores, downloads and launches applications, and leaves fake reviews, while being unnoticed by the device owner.

The Trojan, dubbed ‘Shopper’ came to the attention of the Kaspersky researchers following its extensive obfuscation and use of the Google Accessibility Service which enables users to set a voice to read out app content and automate interaction with the user interface -designed to aid the less abled.

The malware can gain unlimited opportunities to interact with the system interface and applications once it gains access to use the service by masking itself as a system application and uses the system icon named ConfigAPKs. It can capture data featured on the screen, press buttons and even emulate user gestures.

After the screen is unlocked, the app launches, gathers information about the victim’s device and sends it to the attacker’s servers. The server then returns the commands for the application to execute.

The highest share of users infected from October to November 2019 was in Russia, with a staggering 28.46 percent of all users affected by the shopaholic app. Almost 18.7 percent of infections were in Brazil and 14.23 percent in India.

No one can guarantee that the creators of this malware will not change their payload to something else. For now, the focus is on retail, but the capabilities of this malware can enable attackers to spread fake information via users’ social media accounts and other platforms. For example, it could automatically share videos containing whatever the operators behind Shopper would want on personal pages of users accounts and just flood the Internet with unreliable information.

To reduce the risk of infection by malware threats, users should be aware of the apps that use the Accessibility Service, always check application permissions, do not install apps from untrusted sources and use reliable mobile security solution.

 

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

Securities Commission Revises Guidelines On Digital Assets

The Securities Commission Malaysia (SC) has revised its Guidelines on Digital Assets (Guidelines), which came into force today to regulate Initial Exchange...

MATTA calls for sufficient funding for tourism businesses to digitalise in upcoming Budget 2021

The Malaysian Association of Tour and Travel Agents (MATTA) is urging Putrajaya for sufficient funding for tourism businesses to invest in digitalisation...

MATTA urges for proposed two-tiered wage subsidy system

The Malaysian Association of Tour and Travel Agents (MATTA) in agreement with the Malaysian Association of Hotels (MAH) is urging for a...

#MyAPEC2020 exhibition registers over 6,000 viewers and 300 buyers

The #MyAPEC2020 exhibition has amassed over 6,000 registered viewers on the online platform in just under two months since its commencement as...

Tourplus secures RM4.1 million in investment

Tourplus Technology Sdn Bhd, a Malaysian travel startup that provides an online marketplace for travelers providing personalised itineraries linking travelers to local...

Must read

Solarvest: Green wishlist for Budget 2021

By Davis Chong Chun Shiong, Group CEO Solarvest Holdings Berhad, Over the years, the Government of Malaysia has been...

Budget 2021 – Youth’s wishlist to endure the crisis

By Sofea Azahar, As Budget day approaches, talks about the perks to be considered in addressing the setbacks of...

5 ways how corporate culture works for remote teams

By Vinod Chandramouli, Head ASEAN Business, Freshworks, Back in the days of pre-Covid 19, the strategy to embed corporate...

Ok, Boomer. Ok, Gen Z. Let’s talk

By Dr Jesrina Ann Xavier, Senior Lecturer and Programme Director at the Faculty of Business and Law, Taylor’s University and Anna Matthew,...