A bank industry group in Singapore is warning customers about malware hitting Android phones that can steal credit card numbers and other customer details for fraudulent purchases.
The malware also has the ability to intercept incoming SMS text messages, which allows cybercrooks to steal the one-time passwords (OTPs) often sent by banks as a form of two-factor authentication when making a transaction.
The malware sends the eavesdropped OTPs to a command-and-control (C&C) server operated by the criminals.
Full Article
