Kaspersky researchers did found a money-stealing mobile malware where it can launch new variants of malware to the smartphone device

The malware have extend their target to Europe from Russia.  The Riltok have first discovered around Mid-2018.  

Smartphone users will gain a dangerous threat by Riltok because the Malware Trojan will gain access control to all financial accounts and steal any data of their victims such as login credentials and online banking session.

How Riltok Malware Trojan work?

  1. The attacker will send SMS message by using a phishing method (link of fake website that represent any well-known website) to the victims smartphone device
  2. However, the victims will click the link which it will redirect to a website that need to install a fake service that disguise of a new service
  3. As a result, fake service is installed in the smartphone and the Riltok malware will signal the attacker. It will assign the fake service as a legit service and main applications on controlling the SMS mechanism.

Function of Trojan will be mention such as

  • Riltok can be use to steal credentials from online banking session by using fake online banking application so that the victims will key-in the payment card information
  • Riltok will hide activity session for other application and all notification from an legit online banking application.


Kaspersky Lab Security Specialists advise will be as

  • Check the link in SMS whether its a valid link or a dummy link
  • Strictly on the installation of any suspicious program from unknown sources.
  • Always monitor to the permission function that been installed in the smartphone
  • Need to have antivirus been installed in the smartphone to protect your smartphone. *(Don’t use Free Antivirus on your smartphone)

Source: Riltok banking trojan begins targeting Europe

Leave a Reply

Your email address will not be published. Required fields are marked *