Dating Viruses: Trojans Use Tinder and Badoo Brands

Trojans use Tinder and Badoo
Written by Emma Davis

According to Kaspersky Lab report, almost one in five users use online dating apps (19%). Of course, attackers do not miss the opportunity to monetize this interest. Banking Trojans use the popular Tinder and Badoo brands.

Statistics show that interest in the topic of love is really growing on the eve of Valentine’s Day. For example, the number of clicks on the phishing version of the PeopleMedia website more than doubled almost a month before Valentine’s Day.

The company’s researchers found that mobile networks often use the names of popular dating services.

A total of 1963 malicious files were detected for mobile devices. In 1262 of them the name Tinder was used, and in 263 – Badoo.

Popular dating apps used worldwide, such as Tinder and Badoo, often become bait used to spread mobile malware or retrieve personal data to later bombard the users with unwanted ads or even spend their money on expensive paid subscriptions”, — explained Kaspersky Lab specialists.

So, one of the applications, which at first glance looks like Tinder, is actually a banking trojan that constantly requires the user to provide extended rights to the Google Accessibility Service, a service designed to facilitate the use of applications by people with disabilities. After obtaining these rights, the malware independently issues all the permissions necessary to steal money.

Another application after installation is fixed in a system called Settings, at startup it displays a fake error message and hides from the list of applications in order to return after some time to display intrusive advertising.

Тop 10 detections by the number of attacked users (by Kaspersky):

  1. HEUR:Trojan.AndroidOS.Hiddapp.ch
  2. HEUR:Trojan.AndroidOS.Boogr.gsh
  3. UDS:DangerousObject.Multi.Generic
  4. not-a-virus:HEUR:AdWare.AndroidOS.MobiDash.z
  5. not-a-virus:HEUR:AdWare.AndroidOS.Mobidash.ai
  6. not-a-virus:HEUR:RiskTool.AndroidOS.Frime.a
  7. HEUR:Trojan-SMS.AndroidOS.Opfake.a
  8. not-a-virus:HEUR:RiskTool.AndroidOS.Dnotua.ixj
  9. not-a-virus:HEUR:AdWare.AndroidOS.Mobidash.ag
  10. UDS:DangerousObject.AndroidOS.GenericML

In addition, scammers are developing phishing schemes that allow earning on the desire to find a partner for a date.

As part of one of the common tactics, a user gets to know a girl, and when it comes to making an appointment, she offers to go to the cinema, chooses a movie theater and a show herself and sends a link by which to book tickets. If a user pays for tickets, his money goes to scammers, and the person with whom he corresponded ceases to get in touch”, – said IS researchers.

In addition to phishing schemes, new fake copies of dating services regularly appear. scammers mostly use them to collect personal data.

Dating sites are very popular, and attackers do not miss the opportunity to play on it. We remind you to be careful and recommend downloading only legitimate versions of such services from application stores, and not sharing too much information about yourself with strangers,” – commented Kaspersky Lab experts.

Dating app users can avoid falling prey to cybercriminals by following these tips:

  1. Don’t install applications from untrusted sources, even if they are always advertised.
  2. Block the installation of programs from unknown sources.
  3. Check the reputation and user feedback of the dating website one is planning to visit.
  4. Use reliable security solutions that offer advanced protection on PCs and mobile devices.

But this does not mean that you should be sad on Valentine’s Day and not trust anyone. Kaspersky Lab, for example, had enough of its problems too.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

Leave a Reply

Sending

This site uses Akismet to reduce spam. Learn how your comment data is processed.