Another major bank warns cybercrime explicitly targeting Android users in Malaysia
In recent years, cybercrime has become an increasingly pressing global issue, with Southeast Asia reporting record number incidences as well. In Malaysia, the number of reported cases has increased exponentially, with banks and their customers among the most commonly targeted victims.
Despite this trend, Malaysian banks have been slow to adopt sufficient security measures to protect their customers from online threats.
Recently, Maybank has warned its customers of a new SMSSpy campaign explicitly targeting Android users in Malaysia. The SMSSpy malware can view any SMS sent to the mobile phone, including obtaining TAC numbers to perform internet banking transactions.
Malicious Android apps targeted customers
Two months ago, Tech Wire Asia had previously reported that several major Malaysian banking apps were not responding fast enough to this rising threat surface, and customers had funds missing from their accounts.
Although banking apps are created to be secured, with built-in extra security features, and regulated by governing financial bodies — they can be targeted through third-party malicious apps in most cases.
This leaves the door wide open for criminals to exploit these institutions and their customers. The targeted banks were Maybank, Affin Bank, Public Bank Berhad, CIMB Bank, BSN, RHB, Bank Islam Malaysia, and Hong Leong Bank.
According to statistics from the Commercial Crime Investigation Department at Royal Malaysia Police, Malaysians have suffered losses amounting to about RM2.23 billion on cybercrime frauds since 2017,
The cybercrime campaign began in late 2021
EST researchers discovered that the ongoing campaign began in late 2021 with cyber attackers setting up fake websites to entice shoppers into downloading malicious applications.
Some fake websites even mirrored the original site by using similar domain names to their impersonating services. Meanwhile, in January 2022, the MalwareHunterTeam identified three more malicious websites and Android trojans attributed to this campaign.
MyCERT advisory noted that cybercriminals involved in the SMSSpy campaign would use several ways to persuade individuals to download these malicious Android apps.
One method is to impersonate the Law Enforcement Agency (LEA) and regulators, informing the victims that they have run afoul of the law and must pay a sum of money to unfreeze their financial accounts.
MyCert documented that eight websites had been identified as malware scams impersonating services found only in Malaysian, including Grabmaid, Maria’s Cleaning, Maid4u, YourMaid, Maideasy, MaidACall, MyMaidKL, and PetsMore.
Malaysian banks must take a stronger stance against cybercrime
Global cybersecurity company Kaspersky Lab revealed that Malaysia’s threat detections have climbed to 33% in 2020 and 26% in 2021. Cyberattacks are no longer a matter of if, but when. To stem the tide of cybercrime in Malaysia and keep consumers protected, banks must take a stronger stance against cyberattacks, by implementing more effective security protocols and educating customers on how to stay safe online.
This also means strengthening their security measures, educating their employees about cyber threats, and working with law enforcement agencies to investigate and prosecute perpetrators.
While it’s unclear how many people may have been affected, the discovery serves as a reminder that cybercriminals are constantly coming up with new ways to exploit unsuspecting users.