Security News > 2020 > July > FakeSpy Android Malware Spread Via ‘Postal-Service’ Apps

Roid mobile device users are being targeted in a new SMS phishing campaign that's spreading the FakeSpy infostealer.

One example of a message used in the latest FakeSpy campaign is an alert from the postal service local to the region of the victim, informing them that the service tried to send a package, but the receiver was not at home, for instance.

Once FakeSpy is on the device, it steals all contacts in the device's contact list and their information, as well as the infected device's data.

It also asks to be the device's default SMS app so the malware can spread to other devices.

To avoid being duped by the new FakeSpy campaign, McQuiggan recommended that users ignore text messages from unknown users and verify any messages about deliveries or other postal services through trusted links to local delivery carriers before clicking on a link sent via SMS. Researchers believe that the recent FakeSpy campaigns are just the beginning of a new wave of threats from Roaming Mantis, as its "Authors seem to be putting a lot of effort into improving this malware, bundling it with numerous new upgrades that make it more sophisticated, evasive, and well-equipped," according to Almkias.

News URL

https://threatpost.com/fakespy-android-malware-spread-via-postal-service-apps/157102/