People who make use of ridesharing apps should be careful. Some of these apps have been discovered to be harboring mobile Trojan horses. These malwares steal bank data by impersonating the interfaces of these ridesharing apps. According to Kaspersky Labs, if your ridesharing app asks you to re-enter your credit card information after you have already input it upon installation, you should proceed with caution. The malware responsible for this is known as the Faketoken Trojan, and apparently it has been around for a while now.
According to Kaspersky, the latest version of the Faketoken Trojan is called Faketoken.q. The company points out that the malware infects phones through bulk SMS, where it prompts the user to download images. Once the user downloads the image, the Faketoken Trojan installs all its necessary parts, and begins to monitor everything done on the phone. Now, once the malware detects an app whose interface it can simulate, it overlays the app with its own screen. Then, instead of proceeding as usual, the app prompts you to enter your credit card information.
It seems like a number of apps have been compromised this way. These include mobile banking apps, Android Pay, the Google Play Store, and of course ridesharing apps. Right now, it seems that this Faketoken Trojan is largely relegated to users in Russia, but it may not be long before the malware comes our way too.
Now, to keep from falling victim to this malware, Kaspersky recommends that you go to Android settings and prevent the installation of apps from unknown sources. Simply go to Settings, tap on Security, then uncheck Unknown Sources. Furthermore, users need to be aware of the permissions an app requests before installation, even if you download the app from a presumably safe source, like Google Play Store. Also, it would be prudent to install an antivirus app on your phone.