Hey you,
BE IN THE KNOW!

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:


Malicious Viber Duplicate Steals Money from Android Users

fraudulent-message-fake-viber-sensorstechforumA fake Viber double has been reported to steal financial information from infected Android devices according to malware researchers. The app is distributed via third-party services that advertise it, and most Android users are protected as long as they do not remove the security setting on Android which allows the installation of applications from suspicious sources. However, the app still managed to infect approximately 1600 users which means it may also use another method of distribution.

Users on Twitter have complained about the application demanding administrative permissions upon startup.

android-app-fake-viber-activate-sensorstechforum

After such permissions are granted to this application, it was reported to display a fraudulent error message saying that the program cannot be ran and has crashed. But there is no such thing as “the program” because the only software that is installed this way may be the financial-stealing malware associated with the fake Viber app.

Similar to other mobile malware, such as SimpleLocker, the virus may also spread via malicious advertisements published via the Google ad service on apps that support all types of advertisements. As soon as the user clicks on those apps, he may be presented a fake update screen prompting him to perform several different activities such as install Viber or update it. From there, the infection may commence.

At this point, it cannot be said with certainty whether or not the fake Viber application is spread in the latest version of Android – the 7.0 Nougat.

As soon as an infection is performed by this application, it may immediately begin to scan for any financial applications or applications that have financial credentials in them. The fake Viber malware may or may not have pre-configured scripts to extract financial information from various apps that may contain it, like PayPal, the web browsers that may have remembered credentials, ePay apps, Google PlayStore credentials and financial data and many other sources.

Anyone who has seen the errors above are strongly advised to be extremely careful around applications such as the fake Viber app and always choose legitimate sources for download such as the official PlayStore page. Its also strongly recommended installing an app protection program to avoid such incidents in the future.

Remove Fake Viber Financial Stealing Malware

To make sure you have removed this virus we strongly advise you to follow the removal instructions below. They include the complete restart of your device with the full wiping off all the data in it. Make sure to save all your important files in the phone somewhere else or back them up to the cloud because they will be deleted during a hard reset. Also, make sure to remember your official e-mail and password for your Google account that has been selected as an owner of the Android device.

1. Back up the data on your device
2. Hard-reset your device and remove Fake Viber App

Vencislav Krustev

A network administrator and malware researcher at SensorsTechForum with passion for discovery of new shifts and innovations in cyber security. Strong believer in basic education of every user towards online safety.

More Posts - Website

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.