Popular Taxi, Ride-Sharing Apps Affected by New 'Faketoken' Android Trojan: Kaspersky

A modified version of notorious mobile banking

Trojan 'Faketoken' has resurfaced which is able to steal credentials from popular Android taxi applications and ride-sharing apps, Moscow-based cybersecurity firm Kaspersky Lab said on Friday.

"The new version of 'Faketoken' performs live tracking of apps and, when the user runs a specified app, overlays this with its phishing window to steal the bank card details of the victim," Kaspersky Lab said in a statement.

The Trojan virus has an identical interface, with the same colour schemes and logos, which creates an instant and completely invisible overlay.

"The fact that cybercriminals have expanded their activities from financial applications to other areas, including taxi and ride-sharing services, means that the developers of these services may want to start paying more attention to the protection of their users," said Viktor Chebyshev, security expert at Kaspersky Lab.

"The banking industry is already familiar with fraud schemes and tricks, and its previous response involved the implementation of security technologies in apps that significantly reduced the risk of theft of critical financial data," Chebyshev added.