According to reports, unsuspecting individuals are contacted via WhatsApp by fraudsters claiming to represent “Sri Lankan Airline” services. Victims are then directed to access one of three fraudulent websites and are persuaded to download a malicious mobile application titled “Sri Lankan.apk.”
Cybersecurity analysts have identified this application as a harmful banking trojan. Once installed, the app requests extensive permissions, enabling attackers to gain remote access to the victim’s mobile device. This unauthorized access allows cybercriminals to extract sensitive personal and financial data.
Investigations reveal that the perpetrators manipulate victims into initiating financial transactions and sharing critical security information, including One-Time Passwords (OTPs), bank account details, and authentication data such as fingerprints or facial recognition credentials. Using this information, attackers are able to infiltrate legitimate banking applications and conduct unauthorized transactions, transferring funds to fraudulent accounts.
Authorities urge the public to exercise extreme caution when receiving unsolicited messages, especially those requesting app installations or sensitive information. Users are advised to avoid downloading applications from unverified sources and to report suspicious activities to relevant cybersecurity and law enforcement agencies.
