Security News > 2020 > July > FakeSpy Android Malware Spread Via ‘Postal-Service’ Apps
Roid mobile device users are being targeted in a new SMS phishing campaign that's spreading the FakeSpy infostealer.
One example of a message used in the latest FakeSpy campaign is an alert from the postal service local to the region of the victim, informing them that the service tried to send a package, but the receiver was not at home, for instance.
Once FakeSpy is on the device, it steals all contacts in the device's contact list and their information, as well as the infected device's data.
It also asks to be the device's default SMS app so the malware can spread to other devices.
To avoid being duped by the new FakeSpy campaign, McQuiggan recommended that users ignore text messages from unknown users and verify any messages about deliveries or other postal services through trusted links to local delivery carriers before clicking on a link sent via SMS. Researchers believe that the recent FakeSpy campaigns are just the beginning of a new wave of threats from Roaming Mantis, as its "Authors seem to be putting a lot of effort into improving this malware, bundling it with numerous new upgrades that make it more sophisticated, evasive, and well-equipped," according to Almkias.
News URL
https://threatpost.com/fakespy-android-malware-spread-via-postal-service-apps/157102/
Related news
- New FireScam Android malware poses as RuStore app to steal data (source)
- New FireScam Android data-theft malware poses as Telegram Premium app (source)
- FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices (source)
- DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection (source)
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- Vo1d malware botnet grows to 1.6 million Android TVs worldwide (source)