Netflix, Instagram, and Twitter users are being targeted by a new Android Malware

Netflix, Instagram, and Twitter users are being targeted by a new Android Malware

MasterFred a new android malware is using fake login overlays to steal credit card information from Instagram, twitter, Netflix users and Banking customers. Sample of this virus was first submitted to VirusTotal in 2021. Alberto Segura said that “It seems there is an undetected Android #Banker affecting Turkey and Poland.” Sharing a sample of the virus a week ago.

“By utilizing the Application Accessibility toolkit installed on Android by default, the attacker is able to use the application to implement the Overlay attack to trick the user into entering credit card information for fake account breaches on both Netflix and Twitter.” Said Avast Threat Labs in a Twitter thread.

“Some things make MasterFred stand out. One of them is that the malicious apps used to deliver the malware on Android devices also bundle the HTML overlays used to display the fake login forms and harvest the victims’ financial info.”

“The malware also uses the dark web gateway (aka Tor2Web proxy) to deliver the stolen information to Tor network servers under its operator’s control.”

“Since at least one of the malicious apps bundling the MasterFred banker was recently available in Google’s Play Store, it’s safe to say that MasterFred’s operators are also likely using third-party stores as a delivery channel for this new malware.” mentioned Bleeping Computer news in their post.


Stealing credit card Information using fake login overlays.









  • Scan and block the IOCs in the network.
  • Reduce the risk of downloading potentially harmful apps by limiting your download sources to official app stores.
  • Install Android updates and patches as and when available from Android device vendors.
  • Do not browse un-trusted websites or follow un-trusted links and exercise caution while clicking on the link.
  • Only click on URLs that clearly indicate the website domain.
  • Install and maintain updated anti-virus and antispyware software.
  • Consider using Safe Browsing tools, filtering tools (antivirus and content-based filtering) in your antivirus, firewall, and filtering services.


Copy link
Powered by Social Snap