Security News > 2022 > February > Roaming Mantis Android malware campaign sets sights on Europe
The Roaming Mantis SMS phishing campaign has finally reached Europe, as researchers detect campaigns targeting Android and iPhone users in Germany and France with malicious apps and phishing pages.
Roaming Mantis is a credential theft and malware distribution campaign that uses SMS phishing to distribute malicious Android apps as standalone APK files outside the Google Play Store.
Over the past four years, the campaign has been under constant evolution and was first spotted in 2018, targeting Android smartphone users in Japan via DNS hacking.
In its most recent form, Roaming Mantis uses a trojan named 'Wroba,' and is targeting users in France and Germany with smishing messages and landing pages injected on compromised legitimate websites.
If the victim uses an Android device, they are taken to a landing page that prompts them to install malware disguised as an Android app.
To prevent Roaming Mantis and other Android malware from infecting your device, you should always avoid downloading APKs from unusual sources and never allow the installation of packages from unknown sources.
News URL
Related news
- New Android malware steals your credit cards for NFC relay attacks (source)
- SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks (source)
- Russian army targeted by new Android malware hidden in mapping app (source)
- GitHub becomes go-to platform for malware delivery across Europe (source)
- Android malware Crocodilus adds fake contacts to spoof trusted callers (source)
- FBI: BADBOX 2.0 Android malware infects millions of consumer devices (source)