"Android Malware "FakeCall" Now Reroutes Bank Calls to Attackers"

Security researchers at CheckPoint have discovered that a new version of the FakeCall malware for Android hijacks outgoing calls from a user to their bank, redirecting them to the attacker's phone number instead.  The goal of the latest version remains to steal people's sensitive information and money from their bank accounts.  The researchers noted that FakeCall (or FakeCalls) is a banking trojan with a focus on voice phishing, in which victims are deceived through fraudulent calls impersonating banks, asking them to convey sensitive information.  The researchers warned that FakeCall was now impersonating over 20 financial organizations, offering targets low-interest loans and featuring new evasion mechanisms to lower detection rates.  In addition to vishing (voice phishing), FakeCall could also capture live audio and video streams from the infected devices, allowing attackers to steal sensitive data without victim interaction.

BleepingComputer reports: "Android Malware "FakeCall" Now Reroutes Bank Calls to Attackers"