Hackers Exploiting WhatsApp To Steal Bank Customers’ Credentials, Warns Cybersecurity Researchers
Cybersecurity researchers are warning about a dangerous new malware strain that targets banking customers by exploiting WhatsApp and SMS.
Dubbed “GhostBat RAT,” the malicious software masquerades as legitimate government-related apps, tricking users into downloading infected Android files from GitHub or compromised websites.
According to the team at Cyble , the malware campaign has resurged in India with alarming sophistication, using shortened URLs in WhatsApp messages and text alerts to deceive victims into believing they’re installing official transportation apps.
Once installed, GhostBat RAT deploys a phishing overlay that captures sensitive information including mobile banking credentials, UPI PINs, and account details. It also intercepts SMS messages containing banking-related keywords to siphon one-time passwords and two-factor authentication codes, giving attackers full access to victims’ financial accounts.
Researchers found that the malware communicates with a remote command-and-control server to exfiltrate stolen data in real time, while also granting attackers the ability to monitor user activity, send messages, and modify system settings.
Cyble says that the campaign leverages social engineering tactics to build trust and gain permissions that bypass Android’s default security safeguards.
The firm has urged users to remain vigilant, avoid downloading applications from unofficial links, and verify the authenticity of app publishers before installation. Security experts also recommend reviewing app permissions, updating Android systems regularly, and using reliable mobile antivirus tools.
“The GhostBat RAT campaign represents a sophisticated evolution of RTO-themed Android malware. It combines multi-stage dropper techniques, anti-analysis defenses, native code exploitation, and social engineering to compromise users.
By targeting both banking credentials and UPI authentication flows, the malware demonstrates an ability to extract financial information directly while evading traditional detection mechanisms.”
Generated Image: Midjourney
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Bitcoin Updates: SGX Addresses Offshore Perp Shortfall as Bitcoin Decline Increases Demand for Hedging
- SGX launched Bitcoin and Ethereum perpetual futures, becoming a first-mover in regulated onshore crypto derivatives to meet institutional demand. - The $187B/year perp market, dominated by Asia, now gains a regulated alternative to offshore platforms with SGX's 22.5-hour trading window. - Perps enable hedging during Bitcoin's 2025 downturn, with SGX's margin-call system prioritizing investor protection over instant liquidations. - Regulatory caution limits access to accredited investors, aligning with gl
Bitcoin News Update: Institutional ETF Adjustments Challenge Key Bitcoin Support Thresholds
- Analysts warn Bitcoin faces 25% drop risk if key support levels fail amid shifting institutional ETF dynamics. - Texas's $5M IBIT purchase highlights growing government interest, but ETFs fall short of direct BTC ownership criteria. - Technical analysis shows Bitcoin trapped in a broadening wedge pattern, with breakdown below $80,000 risking $53k decline. - Institutional rebalancing sees $66M IBIT outflows vs. $171M FBTC inflows, signaling tactical ETF rotation over accumulation. - Abu Dhabi's $238M ETF
XRP News Today: IMF Cautions That Rapid Tokenized Markets Could Intensify Crashes in the Absence of Regulation
- IMF warned tokenized markets like XRP could worsen flash crashes without regulation, citing risks from decentralized systems lacking traditional safeguards. - Report acknowledged tokenization's potential to cut cross-border payment costs but highlighted volatility risks from rapid liquidity loss seen in crypto markets. - SEC's approval of crypto ETFs signals growing institutional acceptance, though regulators emphasize oversight frameworks to mitigate systemic risks. - IMF proposed a global digital marke
Bitcoin News Update: Meme Coins’ Path to Widespread Adoption Depends on ETFs and Clear Regulations
- Meme coins show renewed interest in 2025 as Bitcoin surges toward $90,000 and institutional investors reengage, driven by ETF/ETP launches blurring crypto-mainstream finance lines. - Solana-based BONK and privacy-focused GhostwareOS (GHOST) innovate with ETPs and modular privacy tools, attracting investors through novel value propositions. - Asian market volatility, including South Korea's Upbit hack, and Cardano's declining metrics highlight meme coins' fragility despite short-term technical optimism. -
Trending news
MoreCrypto prices
More
