Categories
News Personal Finance

New Android Trojan Can Steal Money from A PayPal Account

A major piece of malware is affecting Android users. An Android Trojan is able to steal money from PayPal accounts. The Trojan managed to bypass the 2-factor authentication as well. Many users were put at risk.

What we know for now is that Google Play is not the source of this Trojan. Instead, it appears that the victims installed a battery optimization app which is available on third-party app stores. Once the app is opened, it will immediately close as well.

The user is asked by the app to “enable statistics”, which allows it to access Accessibility options. After this is enabled, the user also receives a notification prompting them to open the PayPal app. The user opens the app and signs in, going through any authentication prompts.

However, once the user has signed in the Trojan uses the accessibility service. It copies the taps needed to transfer money to another address. Usually, 1000$ are sent to the PayPal address of the attacker. This doesn’t take more than a couple of seconds for this to happen.

Every time the user tries to open the app, the process repeats itself one more time. It is impossible to stop it, and it will only come to an end if there is no linked card or account AND if there aren’t enough money in the PayPal.

Stay safe

At the moment the source of the Trojan is unknown. Nonetheless, PayPal has been notified of this issue and we expect a fix for it coming soon. If you want to stay safe, it is recommended that you avoid third-party apps. Make sure that you download just apps from the Google Play Store, as those are verified and (usually) safe enough to use.

Exit mobile version