Cybersecurity firm Kaspersky Lab has reported about an improved version of a mobile banking malware, named Faketoken recently. Cybercriminals are using this app to steal credentials from the popular cab and ride-sharing services. It is to be noted here, the taxi and ride-sharing apps require the bank card information of the users.

According to the experts, the latest version of the mobile banking malware is said to have significantly enhanced the functionality to steal the sensitive banking details of a user. When a user accesses any of the targeted cab-riding apps, Faketoken performs a live tracking of that app. In the next step, the Trojan malware superimposes a phishing window and steals the user’s banking details.

Further research reveals, Faketoken has an identical interface, having the same logos and colour schemes. Thus, it can create almost an invisible overlay in an instant.

In this context, Mr. Viktor Chebyshev, a security expert at the Kaspersky Lab is quoted to have said, “The fact that cybercriminals have expanded their activities from financial applications to other areas, including taxi and ride-sharing services, means that the developers of these services may want to start paying more attention to the protection of their users. The banking industry is familiar with fraud schemes, and its solution of implementing security technologies in apps has significantly reduced the risk of theft of critical financial data. Perhaps now it is time for other services that are working with financial data to follow suit.”

The report further stated, Faketoken is mostly targeting its victims in Russia, till now. However, experts opine the geographical periphery of the attack may suddenly get expanded any moment, just as it happened with the previous versions of Faketoken malware.

Faketoken has not confined its attack only on cab-hiring and ride-sharing apps. As such, it has also been noticed to target some travel and hotel-booking apps as well. In order to stay safe and secure, the experts are recommending users to stop installing apps from unknown sources in the first place.