ANNOUNCEMENT

Title: Fake Bank Negara Malicious APK Alert

Introduction

The National Cyber Coordination and Command Centre (NC4) and MyCERT have received numerous reports of smartphone users being infected with malware through a phishing campaign involving Bank Negara Malaysia (BNM).

Impact

Affected victims may lose money, and the disclosure of personal information to unknown parties may escalate to further scams.

Brief Description

The scammers pose as law enforcement officers and make several telephone calls to the victims, claiming that the victims have been involved in money laundering activities. The scammers then force the victim to cooperate by threatening them with an arrest warrant, and later force them to download and install an unknown application.

The victim is then given a malicious URL for downloading the app, sent through a messaging service, or given over a telephone call if the victim fails to do so. Subsequently, the victim finds that their money has been illegally transferred from their account. The modus operandi of the scam is summarized in Figure 1 below.

A page with BNM's logo is displayed when the victim clicks on the given link. The victim is then led to click on the logo to download an application and install it on their device, as shown in Figure 2 and Figure 4.

The application, which is disguised as a legitimate BNM application, requires the victim to fill in their online banking credentials, as shown in Figure 3 and Figure 5. It is suspected that this is the method the scammers use to harvest the victim's credentials and subsequently gain access to the victim's bank account to perform money transfers.

The IP address and URLs used to spread the malicious installer have been identified and taken down by the relevant authorities.

Recommendation

We advise members of the public to perform the following actions:

  1. When you receive a telephone call claiming to be from a law enforcement agency:
    • Do not panic;
    • End any suspicious calls immediately and do not respond to any instructions given over the telephone;
    • Call back the law enforcement agency or any institution mentioned directly, using the official number published on their official website, for verification;
  2. Do not click on links or download any applications from links given through any messaging services;
  3. Update the operating systems and applications on your smart devices regularly with the latest security updates and patches;
  4. Verify an application's permissions and its author or publisher prior to installation;
  5. Verify URLs on mobile sites, as they appear differently than in a desktop browser;
  6. Install a reputable antivirus on your smart devices and keep it updated;
  7. Avoid public Wi-Fi networks when performing banking transactions and switch off the Bluetooth connection when not in use;
  8. Do not root or 'jailbreak' your smartphones;
  9. Download only apps that have been verified safe, from Google Play or the Apple App Store;
  10. Ensure that the "Unknown Source" option in the Security Settings page is turned off;
  11. Avoid installing apps from unofficial sources whenever you can;
  12. If you suspect that you have been a victim, contact a law enforcement agency.

Images

Figure 1 - Modus Operandi Of The Scam

Figure 2 - Fake BNM Apps Landing Page
Figure 3 - Fake BNM Apps Interface
Figure 4 - New Variant of Fake BNM Apps Landing Page
Figure 5 - New Variant of Fake BNM Apps Interface

Source: National Cyber Coordination and Command Centre (NC4) Official Website
