17 December 18, 16:27
Quote:There have been some bad trojans found on Android, but this is possibly one of the worst. This new threat automates a PayPal transaction for $1000 and sends it using the official PayPal app—even on accounts with 2FA enabled.Full reading: https://www.howtogeek.com/fyi/new-androi...icial-app/
The PayPal Hijack
It does this using a couple of different methods and leveraging Android’s Accessibility services. The malicious app is currently disguising itself as an Android optimization tool and has been making its way onto users’ phones through third-party app stores. So for starters, don’t use third-party app stores.
When installed, “Optimization Android” (seriously, why would you install something with a name like this in the first place?) also creates an Accessibility service called “Enable statistics.” It then requests access to this feature, which seems harmless enough—it will allow the app to monitor user actions and retrieve window content. If you think it’s all in the name of making your phone faster, it [i]almost[/i] makes sense.