The National Cyber Security Agency (NACSA), National Security Council (NSC) through the National Cyber Coordination and Command Centre (NC4) has been informed of a malicious Android mobile app and a fraudulent website (http://malaysiagovermentapp.com) claiming to be from the Perdana Menteri Malaysia for the purposes of COVID-19 aid programme.
Identity theft and financial loss.
From our analysis, the malicious Android app is being used to trick victims into submitting their internet banking details, which will then be uploaded to a different website. It is observed that the Android app also has the capability to read mobile phone SMSes, which may be used to steal victim online banking credentials and TAC codes for Internet banking.
The NC4 would like to remind the public to not access or install any suspicious links or applications that are not in the Google Play Store or the Manufacturer’s App Stores such Apple AppStore, Huawei AppGallery, and Samsung Galaxy Store. It is also advised for the public to take the following actions:
Figure 1: The fake website for the Android Malware.
Figure 2: The Android Malware Main App.
Figure 3: The Android Malware App Requesting Bank Info.
Figure 4: The Android Malware App Requesting Bank Credential.