Two teenagers among 13 arrested over links to Android banking-related malware scams

/in


SINGAPORE: Two teenagers were among 13 people arrested for their suspected involvement in banking-related malware scams targeting Android users. 

The 15-year-old individuals were nabbed alongside seven men and four women aged 17 to 25, said the police in a news release on Saturday (Aug 26). 

All of them were arrested during an anti-scam enforcement operation conducted by the police between Aug 14 and Aug 25.

Two other women, aged 29 and 39, and another 15-year-old teenager are assisting with investigations.

Preliminary police investigations revealed that the 13 suspects had allegedly facilitated the scam cases by relinquishing their bank accounts. Some of them also relinquished their internet banking credentials or disclosed their Singpass credentials for monetary gain.

Cases of malware being used to compromise Android mobile devices have been on the rise since January, said the police. 

This results in unauthorised transactions made from the victims’ bank accounts even though they did not reveal their internet banking credentials, one-time passwords or Singpass credentials to anyone.

In such cases, the victims responded to advertisements on social media platforms and were later instructed by the scammers to download a malicious Android Package Kit from non-official app stores to facilitate the purchases, leading to malware being installed on the victims’ mobile devices. 

The scammers then convince the victims via phone calls or text messages to turn on accessibility services on their Android phones. This allows the scammers to take full control of the mobile devices.

“This means that the scammers can log every keystroke and steal banking credentials stored in the phones and allows them to remotely log in to the victims’ banking apps, add money mules as payees, raise payment limits and transfer monies out to money mules,” said the police.

The scammers can further delete SMS and email notifications of the bank transfers to cover their tracks.

The police advised members of the public to not click on suspicious links, scan unknown QR codes or download mobile apps from third-party websites. 

“These unverified apps may contain malware, which can severely…

Source…