An update to the venerable Faketoken.q Android malware has made it easier for the program to steal your credit card information from ride-sharing apps. Faketoken attacks Russian ride-sharing apps by overlaying text boxes on the credit card information pages that can capture your credit number and other important information.
The trojan masquerades as a photo app on your phone and is specially camouflaged for maximum sneakiness. It then watches all your apps and uses a technique similar to Cloak & Dagger that overlays interface items onto running apps. This functionality is helpful in some cases but, as we see, is dangerous in others.
The trojan also goes after “apps for booking flights and hotel rooms, and apps for paying traffic tickets — as well as apps for booking taxis.”