FB pixel

Sophisticated malware found posing as Indonesia’s digital ID app

| Masha Borak
Categories Biometrics News  |  Financial Services  |  ID for All
Sophisticated malware found posing as Indonesia’s digital ID app
 

Cybersecurity researchers have discovered a malware app designed to steal financial data, which disguises itself as Indonesia’s national digital identity platform, Identitas Kependudukan Digital (IKD).

The malware app, named Android/BankBot-YNRK, was found circulating online outside of the official Google Play app store, posing as an APK file of the digital ID platform. Once a user installs it, the app will start exploiting Android permissions to gain access to sensitive data, targeting banking and cryptocurrency apps.

According to an investigation from cybersecurity firm Cyfirma, the Trojan operates stealthily by leveraging its permissions to observe what appears on screens, simulate button presses and automatically complete forms as if acting on the user’s behalf. It also transmitted device details, location data and a list of installed applications back to the attackers.

“Overall, Android/BankBot-YNRK exhibits a comprehensive feature set aimed at maintaining long-term access, stealing financial data and executing fraudulent transactions on compromised Android devices,” says Cyfirma.

The harmful application takes advantage of Android’s overlay capability to present counterfeit login pages over genuine banking and wallet applications. Once users input their login information, it gets sent straight to cybercriminals.

To cover their tracks, attackers would send real-time instructions to the smartphone, such as avoiding antivirus tools or erasing data. The Trojan also suppressed notification and sounds to avoid alerting its users.

Currently, it is unclear how many users installed the illegitimate app.

Identitas Kependudukan Digital (IKD), or Digital Population Identity, was developed by the Directorate General of Population and Civil Registration (Dukcapil) and launched in 2023. As of December 2024, 18 million people have signed up for IKD, while the Indonesian government has been trying to boost the number of digital ID users.

Related Posts

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

Get in on California’s Identity Gateway, says chief information official

California’s Chief Information Officer and California Department of Technology (CDT) Director Liana Bailey-Crimmins wants more departments to plug into the…

 

Digital identity takes center stage at G20 TechSprint as OIDF, ID4Africa joins judging panel

Digital identity featured prominently for the first time at the G20 TechSprint, with global open identity standards body OpenID Foundation…

 

World Bank experts urge more investment in DPI security, resilience

Three World Bank experts have cautioned that the rapid deployment of digital public infrastructure (DPI) must be matched with security preparedness…

 

Ethio Telecom to boost Cameroon’s digital connectivity, inclusion drive

Cameroon, through its government-owned telecommunications company (CAMTEL), is leaning on the experience of Ethiopia’s Ethio Telecom to strengthen its efforts toward…

 

Vietnam integrating biometrics into daily life in digital transformation drive

Vietnam is rapidly integrating biometrics and digital identity into everyday life, rolling out identity‑based systems across public transport, air travel…

 

Cambodia’s Verify digital ID tech adopted by the Philippines national identity system

The Philippines government is plugging in Cambodia’s digital verification platform to its national digital identity system. From St. Kitts and…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis

DIGITAL ID for ALL NEWS

Featured Company

Learn More

ID for ALL FEATURE REPORTS

BIOMETRICS WHITE PAPERS

BIOMETRICS EVENTS

EXPLAINING BIOMETRICS