A fake Viber double has been reported to steal financial information from infected Android devices according to malware researchers. The app is distributed via third-party services that advertise it, and most Android users are protected as long as they do not remove the security setting on Android which allows the installation of applications from suspicious sources. However, the app still managed to infect approximately 1600 users which means it may also use another method of distribution.
Users on Twitter have complained about the application demanding administrative permissions upon startup.
After such permissions are granted to this application, it was reported to display a fraudulent error message saying that the program cannot be ran and has crashed. But there is no such thing as “the program” because the only software that is installed this way may be the financial-stealing malware associated with the fake Viber app.
Similar to other mobile malware, such as SimpleLocker, the virus may also spread via malicious advertisements published via the Google ad service on apps that support all types of advertisements. As soon as the user clicks on those apps, he may be presented a fake update screen prompting him to perform several different activities such as install Viber or update it. From there, the infection may commence.
At this point, it cannot be said with certainty whether or not the fake Viber application is spread in the latest version of Android – the 7.0 Nougat.
As soon as an infection is performed by this application, it may immediately begin to scan for any financial applications or applications that have financial credentials in them. The fake Viber malware may or may not have pre-configured scripts to extract financial information from various apps that may contain it, like PayPal, the web browsers that may have remembered credentials, ePay apps, Google PlayStore credentials and financial data and many other sources.
Anyone who has seen the errors above are strongly advised to be extremely careful around applications such as the fake Viber app and always choose legitimate sources for download such as the official PlayStore page. Its also strongly recommended installing an app protection program to avoid such incidents in the future.
Remove Fake Viber Financial Stealing Malware
To make sure you have removed this virus we strongly advise you to follow the removal instructions below. They include the complete restart of your device with the full wiping off all the data in it. Make sure to save all your important files in the phone somewhere else or back them up to the cloud because they will be deleted during a hard reset. Also, make sure to remember your official e-mail and password for your Google account that has been selected as an owner of the Android device.