However, the cyber threat is serious because hackers can take over the accounts and even engage in identity theft. The virus collects the data by popping up a login screen demanding for the user’s username and password.
If the user introduces the data, he loses his account.
In order to disguise itself as a legit app, the malware uses links to the legitimate Uber app to show the location of the user. In other words, the user is tricked into believing that he is typing in the data in the Uber app, not a malicious piece of software.
Researchers found that hackers were able to steal and display real location data that they had taken from Uber through a process called deep linking. The malware shows a screen that looks like the real app with the user’s current location to prevent him from becoming suspicious.
Download the Uber App from Trusted Sources
Symantec experts were amazed by hackers’ creativity when it comes to finding ways to trick their victims. Fortunately, most Uber riders are not at risk. Most users download the Uber app from the Google Play store. The one with the malicious software is downloaded from a third party.
Experts warn users not to download Android apps from non-authorized sources. Hackers have become more sophisticated, and sticking with the Play Store is the best prevention measure to date.
Uber too recommends downloading their app from the Google Play Store. The company pledged to set a series of security controls to prevent illegal logins even when the user had unknowingly handed his password to hackers.
Image Source: Flickr