KYCShadow Malware Targets Indian Bank Customers via WhatsApp
Severity: High (Score: 65.0)
Sources: Gbhackers, Cybersecuritynews
Summary
A new Android banking malware known as KYCShadow has emerged, specifically targeting bank customers in India. The malware exploits a fake Know Your Customer (KYC) verification process and is distributed through WhatsApp messages. Victims receive messages urging them to install a malicious APK that masquerades as an official banking compliance application. Once installed, KYCShadow silently collects sensitive financial information from users. This campaign is part of a broader trend of banking fraud in India, similar to previous incidents. The malware's distribution method and social engineering tactics make it particularly dangerous. As of now, there are no reported figures on the number of victims or financial losses. Security experts are urging users to be cautious of unsolicited messages regarding KYC updates. The situation is ongoing, with no specific countermeasures reported yet.
Key Points:
- KYCShadow malware targets Indian bank customers through fake KYC workflows.
- The malware is distributed via WhatsApp as a malicious APK posing as a legitimate app.
- Victims are tricked into unknowingly providing sensitive financial credentials.
Key Entities
- Malware (attack_type)
- India (country)
- Financial (industry)
- KYCShadow (malware)
- T1056 - Input Capture (mitre_attack)
- T1566.001 - Spearphishing Attachment (mitre_attack)
- Android (platform)
- WhatsApp (platform)