Industry News

Conference

04 Jan 2018

Android users being targeted by fake Uber app

Sam Clark

The security firm has analysed a recent version of the Android.Fakeapp malware variant, and found that hackers are tricking users into entering their passwords and phone numbers onto a fake version of Uber.

Millions of Android users around the world use Uber, meaning the discovery could affect a significant number of phone users globally.

The malware works by bringing up a screen on the user’s phone that matches the Uber user interface. It asks for a phone number and the user’s password, in order to log into the app. Once entered, these details are sent to the malware’s remote server.

It is at this point that the malware does something relatively unusual, according to Symantec. In order to avoid arousing suspicion, once details have been entered, the malware takes the user through to a legitimate Uber screen, showing his or her location, which is the expected result after logging in.

Clearly, as the malware is not the legitimate Uber app, it has to perform some trickery to get to this point. It does this, Symantec says, by using the ‘deep link URI of the legitimate app.’

A URI is similar to URLs used on the web, but for an app. These deep links take users to a specific piece of content within the app. For instance, in this case, the malware takes the user to Uber’s ride request page by using the URI ‘uber://?action=setPickup&pickup=my_location’.

Given the smart social engineering carried out through this malware, Symantec recommends making frequent backups, keeping software up to date, and paying attention to the types of permissions requested by apps.

This snippet of code shows the process through which the malware takes the user’s Uber credentials across to its server, then instructs Android to display the Uber ride request page.

View all Industry News
Loading

Latest News

2019 Sponsors

Diamond Sponsor

  • Huawei Technologies

Theatre Sponsors

  • Netpoleon
  • McAfee
  • Senetas

VIP Lounge Sponsor

  • Cyfirma

Platinum Sponsors

  • Cloudfare
  • McAfee

Platinum Sponsors

  • Pacific Tech
  • Sophos

Gold Sponsors

  • Aversafe
  • Barracuda
  • BlackBerry Cylance
  • Cato Networks
  • CISCO Meraki

Gold Sponsors

  • Forcepoint
  • Forescout
  • Fortinet
  • IBM

Gold Sponsors

  • Retarus
  • Silver Peak
  • Singtel
  • Telstra
  • Zscaler

Silver Sponsors

  • Halodata
  • Tindo Group
  • Hillstone Networks
  • A10 Networks
  • 689 Cloud
  • Checkpoint
  • Nozomi Networks

Silver Sponsors

  • Alsid
  • Aqua
  • Aversafe
  • GENIANS INC
  • ICE71
  • Illumio
  • CyberArk

Silver Sponsors

  • Darktrace
  • Radware
  • Endpoint
  • NSFocus
  • Techfindr
  • Qulays
  • Centrify

Silver Sponsors

  • Git Lab
  • Jetico
  • Senetas
  • Sonic Wall
  • Terrabit Networks
  • BluePIsh
  • Keyless

Silver Sponsors

  • IntSights Cyber Intelligence
  • Kanguru
  • Thales
  • Tufin
  • Uniscon GmbH
  • Senhasegura
  • OneKIY

Silver Sponsors

  • WatchGuard
  • Groundlabs
  • Jiransoft
  • Horanji
  • ViewQuest
  • Zimperium
  • Seconize

Bronze Sponsors

  • ALC
  • AnqLave
  • Utimaco
  • Axway
  • Digital Shadows
  • KeyOptions
  • Zetaris Pty Ltd

Bronze Sponsors

  • AlgoSec
  • Cyberint
  • PT Sydeco
  • AppviewX
  • Netskope
  • Business Intelligence Technologies

Bronze Sponsors

  • HackEDU
  • HaltDos
  • Cyber Intelligence House
  • Tenable
  • Noviflow
  • M2M Connectivity

Bronze Sponsors

  • Hyperg Smart Technology
  • Iconz
  • Proficio
  • SecneurX
  • NSecured
  • Nexright

Bronze Sponsors

  • Icyberwise
  • Privasec
  • Ubiq Security
  • UCWare
  • PI Exchange
  • Bitglass
  • Exclusive Networks

Bronze Sponsors

  • ITEL Learnings Systems (S) Pte Ltd
  • NTUC LearningHub
  • TransWARE
  • Plott
  • Wilson A.I Pty Ltd
  • Wiredhands
  • Audacix

2019 Partners

Knowledge Partner

  • BICSI

News Distribution Partner

  • ACN Newswire

Associate Content Partner

  • Uptime Institute

Strategic SEO Partner

  • AdVantage

Strategic Event Partner

  • ISC2

Event Partners

  • AiSP
  • ARC Advisory
  • Asia Cloud Computing Association (ACCA)
  • Asosiasi Cloud Computing Indonesia
  • Fintech Association of Hong Kong
  • Accelerating Asia

Event Partners

  • Best Practice of eCommerce
  • BigDataX
  • CMO Council
  • ISACA
  • CSCIS
  • La French Tech
  • ASME

Event Partners

  • Practical DevSecOps
  • Digital Advertising Association Thailand (DAAT)
  • DevOps Institute
  • Forrester
  • Singapore Chamber of E-Commerce
  • Plug And Play
  • Co Creation Lab

Event Partners

  • IASA
  • IPI Singapore
  • itSMF
  • IFMA
  • European Data Centre Association
  • GS1

Event Partners

  • KinerjaBisa
  • Logistics & Supply Chain Management Society
  • Michael Page
  • NexChange
  • SG Tech
  • CHIME

Event Partners

  • Singapore Cyber Security Consortium (SGCSC)
  • Structure Research
  • General Assembly
  • Open Connectivity Foundation
  • Smart Asia India

Media Partners

  • APAC CIO
  • APSM
  • Asia Blockchain Review
  • Asia Research News

Media Partners

  • Australian Cybersecurity Magazine
  • Australian Security Magazine
  • BizClik Media
  • European Data Centre Association

Media Partners

  • Chief IT
  • CIO Advisor APAC
  • Cross Border Magazine
  • AI Time Journal

Media Partners

  • CryptoNewsZ
  • ComputerWeekly.com
  • Cyber Security ASEAN
  • Asia Content News
  • Enterprise Security Magazine

Media Partners

  • Data Storage ASEAN
  • e27
  • Fintech Finance
  • CMO Asia
  • GovTech SEA

Media Partners

  • Jumpstart Media
  • My Security Media
  • Retail CIO Outlook
  • Cybersec Asia
  • Frontier Enterprise – Jicara Media

Media Partners

  • Telecom Era
  • Supply Chain Digital
  • Techwire Asia
  • Gigabit
  • Digicon Asia

Media Partners

  • FutureIoT
  • Marketing Ops
  • Payment & Cards Network
  • Techtarget
  • FutureCIO

Official Partner Hotel

  • MBS

Media Partners

  • Wire 19
  • 计算机网络世界
  • Supply Chain Brain
  • Disruptive Tech Asean
  • FutureCFO

Testimonials

  • As cyber security is the hot topic at the moment, there are many exhibitors with new product showcase and conference speakers sharing their expertise, I find it very informative and insightful. My job scope covers a broad spectrum, having other shows like Big Data and IoT in one room is very convenient. Look forward to coming back next year too!
    Deputy Manager, Land Transport Authority
  • I’m interested in a couple of topics (i.e. Internet of Things, eCommerce and cloud & cyber security), so that’s why I’m here. We’ve just finished a conversation with NETSCOUT and are quite interested in their products – we will keep in touch with them to see how we can further collaborate.
    IT Manager, BSH Home Applications Pte Ltd
  • The event was good and informative. I've attended this event to browse for more products and solutions which we can use in our organisation to improve operations efficiency. I'll definitely be back next year.
    Team Lead, FMIS ICT Strategy, Lead and Innovation, Ministry of Economy and Finance
  • I attend this show with no particular focus but the speaker line up is good, the topics covered are wide as well. The speakers provide insightful content that are relevant to my job – cloud, cyber security, networks and the co-location of different shows help to save time too!
    Regional IT Governance Manager, TP ICAP