‘NB TV’ Malware Menace: Fake Free TV App Drains Mobile Banking Accounts
A dangerous malware named “NB TV” (a fake free TV channel) is spreading by targeting mobile banking and digital banking users in the country. The app lures users with the promise of free TV access to get installed on smartphones. Once installed, it takes control of banking apps on the device and siphons money from users’ accounts.
Users of several leading banks’ apps in the country have reportedly fallen victim to this cyberattack, although the incidents have not been publicly disclosed.
Dhaka Metropolitan Police (DMP) said it has already received more than 30 similar complaints, with the number of victims increasing steadily. In this situation, the DMP’s Cyber Crime Unit has issued a strong warning advising customers not to click on unknown links and not to download apps from any source other than the Play Store.
Investigations reveal that the malware operates in a highly sophisticated and deceptive manner. Initially, a fake money transfer or fund-receipt message is sent to the user’s phone. When the user opens the legitimate banking app to verify the message—despite not making any transaction—the malware becomes active. It then displays an identical fake login screen over the banking app. If the user enters their PIN or password, the information is instantly transmitted to hackers’ servers.
It has been observed that to complete the theft, the app uses permission to read SMS messages on the device. As a result, hackers can collect one-time passwords (OTP) required for banking transactions without the user’s knowledge.
DBTech/ISPC/MUM/OR
