Android devices targeted in global campaign that steals SMSes to get OTPs
Ang Qing

The SMS stealer is distributed via malicious advertisements or Telegram bots that can automatically communicate with victims. PHOTO ILLUSTRATION: PIXABAY
SINGAPORE - Android device users beware; your devices have been targeted by an ongoing global campaign to steal SMSes with malware.

The Cyber Security Agency of Singapore (CSA) warned, in an alert on Aug 6, of the mobile malware that can scan SMSes to retrieve one-time passwords (OTP), which are designed as an extra layer of security for sensitive data and apps.

These codes, which are needed for account registrations or two-factor authentication, can then be used to infiltrate corporate networks and data.

Alarm about the campaign was raised on July 31 by mobile security firm Zimperium, which has been tracking the campaign since 2022. It said victims hail from 113 countries, with Russia and India being the primary targets.

A CSA spokesperson said the agency has not received any local reports so far.

The SMS stealer is distributed via malicious advertisements or Telegram bots that can automatically communicate with victims.

In the first method, victims are tricked to click a link that leads them to a webpage impersonating the Google Play website.

Inflated download counts of the malware app entice victims to download the SMS stealer malware masquerading as a legitimate app.

In the second method, Telegram bots promise an app that users would normally have to pay for, in exchange for their phone numbers.

The malicious app, disguised as an Android application package (APK), is then generated for tracking and potential future cyber attacks targeting the victim.

Once the malicious app is installed, the SMS stealer malware will request for access to the victim’s SMSes.

To date, Zimperium researchers have found more than 107,000 unique malware apps tied to the campaign and a network of 2,6000 Telegram bots that distribute some of these apps.

Android users are advised by CSA to adopt the following measures to protect their devices against malware:

Install only apps from the official Google Play Store. Check the developer information on the app listing, and download only apps developed and listed by the official developer.
Avoid disabling the Play Protect function that runs safety checks on apps from the Google Play Store before downloading them.
Read the security permissions requested by the app and its privacy policy before downloading. Be wary of apps that ask for unnecessary permissions like accessing the SMS function or contact list on a device.
Immediately uninstall any unknown apps that suddenly appear on devices.
Perform anti-virus scans and keep regular backups of important data.
Ensure that devices’ operating systems and apps are updated regularly so that they are protected by the latest security patches.


Android devices targeted in global campaign that steals SMSes to get OTPs | The Straits Times
https://www.straitstimes.com/singapore/android-devices-targeted-in-global-campaign-that-steals-smses-to-get-otps
Android devices targeted in global campaign that steals SMSes to get OTPs Ang Qing The SMS stealer is distributed via malicious advertisements or Telegram bots that can automatically communicate with victims. PHOTO ILLUSTRATION: PIXABAY SINGAPORE - Android device users beware; your devices have been targeted by an ongoing global campaign to steal SMSes with malware. The Cyber Security Agency of Singapore (CSA) warned, in an alert on Aug 6, of the mobile malware that can scan SMSes to retrieve one-time passwords (OTP), which are designed as an extra layer of security for sensitive data and apps. These codes, which are needed for account registrations or two-factor authentication, can then be used to infiltrate corporate networks and data. Alarm about the campaign was raised on July 31 by mobile security firm Zimperium, which has been tracking the campaign since 2022. It said victims hail from 113 countries, with Russia and India being the primary targets. A CSA spokesperson said the agency has not received any local reports so far. The SMS stealer is distributed via malicious advertisements or Telegram bots that can automatically communicate with victims. In the first method, victims are tricked to click a link that leads them to a webpage impersonating the Google Play website. Inflated download counts of the malware app entice victims to download the SMS stealer malware masquerading as a legitimate app. In the second method, Telegram bots promise an app that users would normally have to pay for, in exchange for their phone numbers. The malicious app, disguised as an Android application package (APK), is then generated for tracking and potential future cyber attacks targeting the victim. Once the malicious app is installed, the SMS stealer malware will request for access to the victim’s SMSes. To date, Zimperium researchers have found more than 107,000 unique malware apps tied to the campaign and a network of 2,6000 Telegram bots that distribute some of these apps. Android users are advised by CSA to adopt the following measures to protect their devices against malware: Install only apps from the official Google Play Store. Check the developer information on the app listing, and download only apps developed and listed by the official developer. Avoid disabling the Play Protect function that runs safety checks on apps from the Google Play Store before downloading them. Read the security permissions requested by the app and its privacy policy before downloading. Be wary of apps that ask for unnecessary permissions like accessing the SMS function or contact list on a device. Immediately uninstall any unknown apps that suddenly appear on devices. Perform anti-virus scans and keep regular backups of important data. Ensure that devices’ operating systems and apps are updated regularly so that they are protected by the latest security patches. Android devices targeted in global campaign that steals SMSes to get OTPs | The Straits Times https://www.straitstimes.com/singapore/android-devices-targeted-in-global-campaign-that-steals-smses-to-get-otps
WWW.STRAITSTIMES.COM
Android devices targeted in global campaign that steals SMSes to get OTPs
Victims hail from 113 countries, said a firm tracking the campaign. Read more at straitstimes.com.
Like
1
0 Comments 1 Shares 3901 Views