LDPM January 2026 - digital - REV2

Because the fraud happens on the vic m’s own device and session, criminals can o0en bypass mul -factor authen ca on and device- fingerprin ng checks. How to stay safe If you no ce strange behaviour on your device or spot apps with generic names that include “u lity,” “security,” “retailer,” or “investment” that you don’t remember installing from the official Play Store, run a full system scan with a trusted Android an -malware solu on.

But preven on is beer:

 Only install apps from official app stores whenever possible and avoid installing apps promoted in links in SMS, email, or messaging apps.  Before installing finance-related or retailer apps, verify the developer’s name, number of downloads, and user reviews rather than trus ng a single promo onal link.  Protect your devices. Use an up-to-date real- me an -malware solu on like Malwarebytes for Android, which already detects this malware.  Scru nize permissions. Does an app really need the permissions it’s reques ng to do the job you want it to do? Especially if it asks for accessibility, SMS, or camera access.  Keep Android, Google Play services, and all banking or crypto apps up to date so you get the latest security fixes.  Enable mul -factor authen ca on on banking and crypto services, and prefer app-based or hardware-based codes over SMS where possible. And if possible, set up account alerts for new payees, large transfers, or logins from new devices. IOCs (See explana'on below) The following file hashes are detected by Malwarebytes under the listed detec on names: b6bae028ce6b0eff784de1c5e766ee33 detected as Android/Trojan.Agent.ACR3A2DCCDFH18 61b59eb41c0ae7fc94f800812860b22a detected as 36

Made with FlippingBook interactive PDF creator