Security News > 2022 > February > Roaming Mantis Android malware campaign sets sights on Europe
The Roaming Mantis SMS phishing campaign has finally reached Europe, as researchers detect campaigns targeting Android and iPhone users in Germany and France with malicious apps and phishing pages.
Roaming Mantis is a credential theft and malware distribution campaign that uses SMS phishing to distribute malicious Android apps as standalone APK files outside the Google Play Store.
Over the past four years, the campaign has been under constant evolution and was first spotted in 2018, targeting Android smartphone users in Japan via DNS hacking.
In its most recent form, Roaming Mantis uses a trojan named 'Wroba,' and is targeting users in France and Germany with smishing messages and landing pages injected on compromised legitimate websites.
If the victim uses an Android device, they are taken to a landing page that prompts them to install malware disguised as an Android app.
To prevent Roaming Mantis and other Android malware from infecting your device, you should always avoid downloading APKs from unusual sources and never allow the installation of packages from unknown sources.
News URL
Related news
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- Vo1d malware botnet grows to 1.6 million Android TVs worldwide (source)
- BadBox malware disrupted on 500K infected Android devices (source)
- North Korea’s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps (source)
- New Android malware uses Microsoft’s .NET MAUI to evade detection (source)
- APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- New Crocodilus malware steals Android users’ crypto wallet keys (source)
- Counterfeit Android devices found preloaded With Triada malware (source)
- Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices (source)