Security News > 2020 > July > FakeSpy Android Malware Spread Via ‘Postal-Service’ Apps
Roid mobile device users are being targeted in a new SMS phishing campaign that's spreading the FakeSpy infostealer.
One example of a message used in the latest FakeSpy campaign is an alert from the postal service local to the region of the victim, informing them that the service tried to send a package, but the receiver was not at home, for instance.
Once FakeSpy is on the device, it steals all contacts in the device's contact list and their information, as well as the infected device's data.
It also asks to be the device's default SMS app so the malware can spread to other devices.
To avoid being duped by the new FakeSpy campaign, McQuiggan recommended that users ignore text messages from unknown users and verify any messages about deliveries or other postal services through trusted links to local delivery carriers before clicking on a link sent via SMS. Researchers believe that the recent FakeSpy campaigns are just the beginning of a new wave of threats from Roaming Mantis, as its "Authors seem to be putting a lot of effort into improving this malware, bundling it with numerous new upgrades that make it more sophisticated, evasive, and well-equipped," according to Almkias.
News URL
https://threatpost.com/fakespy-android-malware-spread-via-postal-service-apps/157102/
Related news
- Android malware uses NFC to steal money at ATMs (source)
- New NGate Android malware uses NFC chip to steal credit card data (source)
- Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC) (source)
- New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards (source)
- SpyAgent Android malware steals your crypto recovery phrases from images (source)
- New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys (source)
- Beware: New Vo1d Malware Infects 1.3 Million Android-based TV Boxes Worldwide (source)
- New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram (source)
- New Vo1d malware infects 1.3 million Android TV streaming boxes (source)
- New Vo1d malware infects 1.3 million Android streaming boxes (source)