Police warn new Android malware scam can factory reset phones; over S$10 million lost in first half of 2023

SINGAPORE: The police on Wednesday (Sep 20) issued an advisory about a new variant of Android malware scams, where scammers would initiate a factory reset on infected devices after the malware executes unauthorised transactions on the phone’s i-banking app.

There have been more than 750 cases of victims downloading the malware into their phones in the first half of 2023, with losses of at least S$10 million (US$7.3 million).

Victims would come across advertisements for various services, such as home cleaning and pet grooming, and food purchases on social media platforms like Facebook and Instagram.

The victims would then contact the “sellers” via the platforms or messaging app WhatsApp. Following this, the “sellers” would send a uniform resource locator (URL) link for the victims to download an Android Package Kit (APK) file, an app created for Android’s operating system.

Victims would then download and install the app, which includes granting it accessibility services. 

They would be instructed to make a PayNow transfer of S$5 as a deposit. 

“Unknown to the victims, their internet banking credentials would be stolen by the malware’s keylogging function upon the transfer,” the police said.

“After the scammers accessed and performed unauthorised transactions from the victim’s banking account, they would initiate a factory reset on the victims’ devices.”

The victims would then discover the unauthorised transactions after calling their banks or when they reinstalled the banking apps on their devices.