FB pixel

Sophisticated malware found posing as Indonesia’s digital ID app

| Masha Borak
Categories Biometrics News  |  Financial Services  |  ID for All
Sophisticated malware found posing as Indonesia’s digital ID app
 

Cybersecurity researchers have discovered a malware app designed to steal financial data, which disguises itself as Indonesia’s national digital identity platform, Identitas Kependudukan Digital (IKD).

The malware app, named Android/BankBot-YNRK, was found circulating online outside of the official Google Play app store, posing as an APK file of the digital ID platform. Once a user installs it, the app will start exploiting Android permissions to gain access to sensitive data, targeting banking and cryptocurrency apps.

According to an investigation from cybersecurity firm Cyfirma, the Trojan operates stealthily by leveraging its permissions to observe what appears on screens, simulate button presses and automatically complete forms as if acting on the user’s behalf. It also transmitted device details, location data and a list of installed applications back to the attackers.

“Overall, Android/BankBot-YNRK exhibits a comprehensive feature set aimed at maintaining long-term access, stealing financial data and executing fraudulent transactions on compromised Android devices,” says Cyfirma.

The harmful application takes advantage of Android’s overlay capability to present counterfeit login pages over genuine banking and wallet applications. Once users input their login information, it gets sent straight to cybercriminals.

To cover their tracks, attackers would send real-time instructions to the smartphone, such as avoiding antivirus tools or erasing data. The Trojan also suppressed notification and sounds to avoid alerting its users.

Currently, it is unclear how many users installed the illegitimate app.

Identitas Kependudukan Digital (IKD), or Digital Population Identity, was developed by the Directorate General of Population and Civil Registration (Dukcapil) and launched in 2023. As of December 2024, 18 million people have signed up for IKD, while the Indonesian government has been trying to boost the number of digital ID users.

Related Posts

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

Biometrics back digital government gains around the world

Digital government was in the spotlight this week on Biometric Update with the release of the OECD rankings and a…

 

MOSIP delves into biometric data quality considerations

Biometric data quality was in focus at MOSIP Connect 2026 in Rabat, Morocco, from policies for ensuring good enrollment practices…

 

NIST nominee pressed on AI standards, facial recognition oversight

The Senate Committee on Commerce, Science and Transportation on Thursday considered the nomination of Arvind Raman to serve as Under…

 

Trulioo’s Hal Lonas on how he applies aeronautics principles to fighting fraud

Rocket science is routinely held up as the ultimate example of a highly complex discipline. But Trulioo’s Hal Lonas found…

 

Vouched donates MCP-I framework to Decentralized Identity Foundation

An announcement from Seattle-based Vouched says it has formally donated its Model Context Protocol – Identity (MCP-I) framework to the…

 

California’s OS-based age verification law challenges open-source community

California’s new online safety bill, AB 1043 (the Digital Age Assurance Act), adopts a declared age model for operating systems….

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis and Buyer's Guides

DIGITAL ID for ALL NEWS

Featured Company

Learn More

ID for ALL FEATURE REPORTS

BIOMETRICS WHITE PAPERS

BIOMETRICS EVENTS

EXPLAINING BIOMETRICS