AppsGadgets

Android users, beware! Text message-stealing virus targets smartphones to obtain access to users’ data.

Text message-stealing virus
Text message-stealing virus

A massive SMS stealer operation is using Telegram bots and bogus app advertising to gain access to Android smartphones.

A new malware campaign has just been released, and it targets Android smartphones in the most insidious of ways.

According to a new analysis from ZLabs researchers at the mobile security company Zimperium, a big SMS stealer campaign is growing around the world, gaining access to Android users’ smartphones and taking their personal information before transmitting it to bad actors for financial benefit.

How do they do this? By fooling users with bogus app download pages or Telegram bots that make misleading claims about free Android apps.

A massive SMS stealer campaign

The hackers’ first meeting with a potential victim usually starts in one of two ways.

Some victims were shown a bogus app advertisement on a malicious website. Users who are fooled by the adverts are directed to a page that seems like a real Android software download link. The program, of course, is not the advertised application. Instead, spyware tricks victims into giving it access to read their SMS conversations.

The SMS stealer campaign also targets victims using Telegram bots. Zimerium researchers claim to have uncovered “roughly 2,600 Telegram bots” that duped users into believing they were being provided unlicensed Android apps for free. Victims would be required to provide their phone number in exchange for the app. However, the downloads they do receive are “unique malicious applications disguised as legitimate APKs.”

Once these criminal actors obtain access to the device, they can exploit the victim’s personal information for financial benefit. The text message access of this malware campaign is particularly terrible. It may supply these malicious actors with OTPs, or one-time passwords, which are frequently required by banks and other financial organisations to authenticate a user’s access.

Zimperium experts say they’ve been watching this SMS theft campaign for about two and a half years. Over that time span, researchers say they’ve seen “over 107,000 malware samples” linked to the campaign, demonstrating how the bad actors behind this dangerous software are constantly changing their effort to keep it effective.

And it appears that these hackers have achieved success.

According to researchers, the SMS stealer campaign has claimed victims in 113 different nations. The majority of the victims appear to be from India and Russia. However, there are a large number of victims in Brazil, Mexico, the United States, Ukraine, and Spain.

Android users should be aware of this fraudulent activity and avoid any download URLs that offer free app downloads.

A Google spokeswoman told Mashable that Android users should use the Google Play Protect function to prevent malware from infecting their devices.

“Android users are automatically protected against known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services,” according to a Google spokeswoman. “Google Play Protect can warn users or block apps known to exhibit malicious behaviour, even when those apps come from sources outside of Play.”

Views: 124

You may also like

Comments are closed.

More in:Apps