No longer watching Reels on Instagram, browsing News Feeds on Twitter, or streaming content on Netflix is fun. Thanks to MasterFred, the nasty Android Malware.
With every passing day as the number of people socializing on social media is increasing, cybercriminals are getting attracted to target naive mobile users. In this regard, hackers incorporated a new malware strain dubbed MasterFred. This malware is found inside Fake Android apps disguised as the popular social media apps – Twitter, Netflix, and Instagram.
The malware was first detected in June 2021 and since then it has been working in the dark to target Android users. To target innocent users, MasterFred uses fake multi-language custom login overlays and when the user falls for the trick the malware enters the device and downloads other malware to perform operations. It mostly affects bank customers and steals financial data.
Characteristics of MasterFred Malware
“By utilizing the Application Accessibility toolkit installed on Android by default, the attacker can use the application to implement the Overlay attack to trick the user into entering credit card information for fake account breaches on both Netflix and Twitter. Some important things of note to this malware are that the Assets folder within the application is where the HTML overlays for common applications are stored along with fake bank login overlays in multiple languages.”
- The malware is targeting Android devices
- Applications through which the malware triggers bundle the HTML overlay
- False login forms are shown and used to perform financial data theft
- To steal data MasterFred uses Tor2Web proxy
How does MasterFred Malware Work?
To target, Android devices threat actors implemented MasterFred in fake Android apps that look genuine enough and match Twitter, Instagram, and Netflix. Once downloaded, the user is asked to log in (same as asked in real services).
Afterward, they are asked to enter credit card details, which when entered goes to the hacker and they take advantage of it.
This is not a new practice. Several other threats also used the Accessibility services to navigate the Android UI and install payloads. However, MasterFred is more advanced than the older version as it uses the Onion.ws dark web gateway (aka Tor2Web proxy) to send the stolen information.
How to Stay Safe From MasterFred Malware?
- Always make sure applications are downloaded from Google Play and other known sources.
- Avoid downloading the cracked versions of .APK files from unknown sources.
- Use an antimalware program to secure your Android device from threats. For this, you can use Systweak Anti-Malware, a robust security tool designed to identify malware, virus, adware, and other malicious threats.
Systweak Anti-Malware offers the following features:
- Real-Time Protection
- App Protection
- Web Protection
- Performance Boost
How to use Systweak Anti-Malware?
1. Install Systweak Anti-Malware from Google Play Store.
2. Launch the security application
3. You will now be asked to grant permission to access media files, data, photos, & videos on our device.
4. Tap Allow to proceed
5. Next, to perform a scan tap on the Start Scan option and wait for malware scanning to finish.
6. If an infection is detected, it will be automatically removed by the app
7. In addition to this, you can check app permissions also.
If you find an app that has permissions that aren’t required, disable them. This will help stay protected from being a victim of malware attacks via malicious apps.
Staying 100% protected from these nasty threats is not easy. But if we keep a check on our activities and install a security application like Systweak Anti-malware we can stay one step ahead. It is important to guard your device against malware and malicious apps. A few days ago, thousands of South Korean users were also targeted by a similar Android malware known as PhoneSpy. Like MasterFred, it also allows threat actors to collect data and control the device. This clearly explains the risk and threats lurking around. Hence, it is important to stay secure and keep a check on online activities.
We hope you find the information helpful and will give the security application a try. Alongside we recommend keeping discussed preventive measures in mind to stay protected.