Home Android Apps New Malware Targeting Android Uber App

New Malware Targeting Android Uber App

Jan 4, 2018

There is a new rare malware targeting the Android Uber app, which was just revealed by Symantec. This malware is essentially spoofing the Uber Android app and then harvesting various types of information. Information that is being stolen includes the passwords to the Uber account. The good news from Symantec is that this malware is not impacting most people. If you use Uber on your Android device, read on to learn more about this rare malware that could be detrimental to those affected.

Malware Targets Android Uber App & Steals Information

The worst part about this new malware that is targeting the Android Uber app is that it is stealing all kinds of information. This information, such as the passwords, can then be used later on to take over the account of the user. The first thing that happens is that the malware will show on the screen just like the regular Android Uber app. You will then enter your username and password just as you normally would to login to Uber. After the user falls for this fake Android Uber login screen, the attacker gains this personal information, including the password.

The window you are logging into looks just like the real Uber login, so that is why it is so easy to get people to login without thinking something is wrong. The information is now in the hands of the attacker, meaning they can also now login to your Android Uber account. Even worse, the malware then will go deep into the actual Uber Android app to cover up this theft of the credentials. This means you will still see your real location. It all will look real and it seems as if you are really in the Uber app, when you are actually in the malicious app without knowing it.

Sophisticated Malware Targets Android Uber App

This malware is pretty sophisticated since it is using deep linking routes in order to make it seem like the real Android Uber app. It even will link to various content from within the app, using these deep link routes. Symantec was able to also see that the malware is able to get the real location from the user using these deep links. The regular Uber app uses the location of the user too, which is how this app avoids detection or suspicion from the user. This is just the latest step in malware becoming more sophisticated and using the deep link routes to imitate the real app in order to gain access.

As we stated previously, most of the people using the Android Uber app are not at risk here though. You cannot accidentally download this malware since it is not on Google Play Store, meaning you would have to download it from another source. Obviously, the best way to avoid this malware is to not download any apps from third-parties, such as alternative app stores.

Rare Android Uber Malware Puts Select Few at Risk

Symantec said that this malware should not present itself worldwide, and it likely will not see distribution worldwide or anything like that. This is just another reminder that you should only download apps from Google Play Store, since downloading fake apps like this one puts you at a lot of risk for identity theft or worse.

We are also starting to see a lot more sophisticated fake and malicious apps coming out to app stores beyond Google Play Store. Uber said that even if you gave your password away, there are many security controls in place to block unauthorized access to your account. Uber has a lot of security measures in place, which will help in situations like this. The problem is that a lot of other apps do not have this security or ability to block unauthorized access, so you need to really be careful about downloading apps.