McAfee researchers have spotted a clever trojan designed to take advantage of a person's vanity and new security verification methods by asking victims to take a selfie.
The Android malware uses a sneaky code that runs continuously in the background while waiting for a user to open apps, specifically those where it would make sense to request payment information. The malware then overlays itself on top of the legitimate app where it proceeds to request personal information from a user for “verification purposes” ending with a request for the user to take a picture of themselves holding their ID card, according to an Oct. 13 blog post.
The trojan is disguised as a video plugin, which allows it to gain accesses to the device's permissions needed to execute the malicious code. So far the malware has only been impacted users in Singapore and Hong Kong.