Saturday, January 23, 00:42
Home security Android malware is distributed via phishing SMS and steals data

Android malware is distributed via phishing SMS and steals data

Android malware

A strong form Android malware returned and spread through SMS Phishing attacks. Malware can steal bank data, personal information, private communications And much more. It is called FakeSpy and has been active since 2017. Originally targeted users in Japan and South Korea, but is now targeting users Android worldwide. Depending on the purpose, the necessary changes are made to deceive users across Asia, Europe and North America.

FakeSpy's latest campaign analyzed by researchers Cybereason, who say the attacks are linked to Roaming Mantis, One Chinese hacking team, which has carried out similar campaigns.

FakeSpy is constantly evolving and "evolving fast". A new version of malware is released every week, with new features and avoidance techniques.

Android malware works as stealer information. It steals SMS, financial information, application data and accounts, while also reads contact lists And much more.

The recent campaign targets users in China, Taiwan, France, Switzerland, Germany, United Kingdom, USA and other countries. Android malware tries to install on the victim's device via a phishing SMS claiming to be related to a lost package from a local postal service or delivery service.

phishing SMS

There is one in phishing SMS link which directs them users in a fake website. There they are instructed to download an app that looks like it's from the local post office. For example, UK users are required to download a specially designed fake version of the Royal Mail app. The US Postal Service app is downloaded in America, the Deutsche Post in Germany, La Poste in France, the Japan Post in Japan, the Swiss Post in Switzerland and the Chughwa Post in Taiwan. Basically, by downloading these apps, users download Android malware.

The fake ones applications they look a lot like the real ones. After downloading the application - which requires the user to enable it installation from unknown sources - the fake page will redirect users to the legitimate website so that they do not suspect anything.

Android malware also requests many permits, which does not seem very strange because it is common in legal applications.

Once installed, FakeSpy can monitors the device to steal various information: name, phone number, contacts, bank details, cryptocurrency details. It also monitors messages and applications.

Android malware takes advantage of device infection to spread, sending the same phishing SMS to all the victim's contacts.

Researchers argue that the attacks are not targeted. The hackers try to target as many users as possible to steal personal and especially banking data.

FakeSpy has been active for the last three years and continues to be threatening for Android users as it evolves and changes.

However, users can avoid falling victim to Android malware, if they are extremely careful with unexpected SMS messages, especially if they claim to be from organizations and ask the user to open links and archives. Finally, one mobile protection program, can also help identify the threat.


Please enter your comment!
Please enter your name here

Digital Fortress
Digital Fortress
Pursue Your Dreams & Live!


Intel CPUs Review: Core i7-10700 vs Core i7-10700K!

Over the years, the Intel series of processors (CPUs) introduced the series of overclocking models "K" and more recently the series ...

The DeLorean can return as an electric car

The DMC DeLorean has been out of production for almost 40 years, but it looks like the iconic vehicle will return as an electric car.

Windows RDP servers are used to support DDoS

Cybercrime gangs are abusing Windows Remote Desktop Protocol (RDP) systems to reinforce the unwanted ...

SEPA: He refused to pay a ransom and thousands of files were leaked

Thousands of stolen files of the Scottish Environmental Protection Agency (SEPA) have been published by hackers, after the organization refused to pay the ransom ...

Fines at Valve, Capcom and Zenimax for geo-exclusion of games

Following a European Commission investigation, a group of video game publishers was fined € 7,8 million following allegations of geo-exclusion practices. In...

Bitcoin helps the middle class survive the pandemic

Regulators still imply that Bitcoin is just a tool for criminals, but it seems that for the middle class ...

Lightworks 2021.1 for Linux, Mac and Windows has been released

Lightworks Professional Multi-Platform Video Editing Software received the first major update to Lightworks 2021.1 for Windows, Linux and Mac.

Netflix: Watch the 9 best Anime movies of all time

One of the good things about the pandemic was that many people were introduced to the anime world. And the issue with anime is ...

CHwapi: Windows BitLocker "hit" the Belgian hospital!

The CHwapi hospital in Belgium was attacked by a cyber attack on January 17, with hackers claiming to have encrypted 40 servers and 100 ...

CPU / GPU Lotteries: Newegg sells the few on the market

Hardware shortages are not uncommon, but the pandemic has worsened the situation. The whole planet is closed to ...