Android users who prefer speaking to a real bank representative may need to exercise caution following the discovery of a sophisticated new malware. Known as “FakeCall” or “FakeCalls,” this Android malware reroutes bank calls to hackers, where the caller is unaware of the switch, giving hackers a direct line to sensitive banking information.
This malware has evolved over the past two years, with recent versions spotted by Zimperium showcasing a more advanced design. Unlike previous versions that mimicked banking apps, FakeCalls now infiltrates devices as a side-loaded APK, seeking permission to replace the standard phone dialer. Once active, it lies in wait for any outgoing calls to bank numbers. When it detects a call to a bank, the malware redirects the call to a hacker who impersonates a bank employee, leveraging a fake call interface to gain access to account details and personal information.
In more aggressive tactics, FakeCalls can even place calls to users posing as a bank representative. Recent versions go further, monitoring Bluetooth connections and using Android’s accessibility features to create deceptive visual elements, deepening the threat to unsuspecting users. Zimperium identified this malware “in the wild” but found no evidence of it in the Google Play Store. Several APK variants are circulating, with filenames like com.securegroup.assistant.
Android users are reminded to avoid sideloading apps from untrusted sources, as this remains one of the primary routes for malware entry. For enhanced safety, only downloading apps from verified sources such as Google Play can help reduce exposure to scams like FakeCalls.