For many reasons, including saving money, smartphone users download apps from third-party app stores. This is called sideloading, and it is a risky choice because many sideloaded apps carry malware of all kinds. In this case, Android smartphone users who sideload the Optimization Battery (OB) app put their PayPal accounts in serious danger. Once they log in to PayPal, a hack taking five seconds or less goes to work. The hackers behind this Trojan app steal PayPal login credentials and the two-step verification codes that are sent to ensure that only account owners are logging in to their accounts. Once a hacker gains access, there’s nothing you can do to stop it, and you have no idea it’s even happening. The irony is that once OB is sideloaded, simply logging in to your PayPal account, including using two-step verification for safety, is all the hackers need to do their dirty deed.
Cybersecurity firm ESET recently discovered that the Optimization Battery app can swipe funds from PayPal accounts by stealing login data in real time. ESET found OB to be an unusually sneaky and patient Trojan app. OB uses an automated system that, during download, first asks for the “Accessibility” permission. Once that is granted, it mimics screen taps and operating system interactions. Instead of immediately stealing PayPal funds, the malware lurks silently in the background, waiting to pounce. When a user opens their PayPal smartphone app, perhaps due to the malware sending a fake alert, it’s a done deal. The mimicked screen taps create a new transfer, enter a PayPal account to receive the funds, and then approve the transfer.
The entire theft takes less than five seconds, with the PayPal account holder being none the wiser. In fact, the only time the hack fails is when the account no longer has any funds left to steal. Just remember that many of us have added a payment card as a backup, which makes the funds that could disappear equal to the amount in your bank account plus your remaining credit limit!
It’s a cautionary tale for those who sideload apps despite the well-known warnings. When sideloading the OB app, not only is money not saved, there’s a great deal of it to be stolen. The good news is that Optimization Battery is only available for sideloading and not through the Google Play Store. That means there are not quite as many users downloading the Trojan app, which prevents even more widespread theft. Staying as safe as possible when downloading apps always starts with getting them, paid or free, directly from the official Google Play Store and the other official stores for your device, and not sideloading.
We now know the OB app also sends bogus phishing alerts to account holders, one way or another getting them to log in to their PayPal app. Staying alert for phishing of any kind, especially account alerts using emails, texts or phone calls, or all three, is a necessary strategy. In addition, pay particular attention to the access permissions that apps request when downloading. They may ask for access to your photos, when the app has nothing to do with that feature.
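As an added example (not from ESET or the original article), this Python script cross-checks which apps have an accessibility service enabled against where each app was installed from, and flags the ones that did not come from an official store. It assumes you have saved the output of `adb shell settings get secure enabled_accessibility_services` and `adb shell pm list packages -3 -i`; the package names and the trusted-installer list are constructed for illustration.

```python
# Added example: flag sideloaded apps that have an enabled accessibility service.
# Inputs are the saved text output of (formats assumed from stock Android):
#   adb shell settings get secure enabled_accessibility_services
#   adb shell pm list packages -3 -i
TRUSTED_INSTALLERS = {"com.android.vending"}  # Google Play; add other official stores

def parse_accessibility_services(raw):
    """Return {package: [service, ...]} from the colon-separated component list."""
    services = {}
    raw = raw.strip()
    if not raw or raw == "null":  # nothing enabled
        return services
    for component in raw.split(":"):
        package, _, service = component.partition("/")
        if package:
            services.setdefault(package, []).append(service)
    return services

def parse_installers(raw):
    """Return {package: installer or None} from 'package:NAME  installer=SRC' lines."""
    installers = {}
    for line in raw.splitlines():
        fields = line.split()
        if not fields or not fields[0].startswith("package:"):
            continue
        installer = None
        for field in fields[1:]:
            if field.startswith("installer="):
                value = field[len("installer="):]
                installer = value if value not in ("", "null") else None
        installers[fields[0][len("package:"):]] = installer
    return installers

def risky_apps(services_raw, packages_raw):
    """User-installed packages with accessibility enabled and no trusted installer."""
    services = parse_accessibility_services(services_raw)
    installers = parse_installers(packages_raw)
    return sorted(p for p in services
                  if p in installers and installers[p] not in TRUSTED_INSTALLERS)

# Constructed sample output; the package names are made up for illustration.
SAMPLE_SERVICES = ("com.example.batteryopt/.TapService:"
                   "com.example.pwmanager/com.example.pwmanager.FillService")
SAMPLE_PACKAGES = """package:com.example.batteryopt  installer=null
package:com.example.pwmanager  installer=com.android.vending
package:com.example.game  installer=null
"""

if __name__ == "__main__":
    for pkg in risky_apps(SAMPLE_SERVICES, SAMPLE_PACKAGES):
        print("review:", pkg)
```

Any package it prints deserves a closer look: revoke the accessibility permission in Settings or uninstall the app unless you know why it needs that access.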
Hackers stop at nothing to gain access to accounts of all kinds, including by using infected attachments and redirection to bogus websites that steal all types of user information. Hackers are out there just waiting for you to let them in, so be smart and make sure you not only keep the door closed, but locked too!