Security News > 2022 > July > Roaming Mantis hits Android and iOS users in malware, phishing attacks
Taiwan, South Korea, Japan, the US, and the U.K. the Roaming Mantis operation moved to targeting Android and iOS users in France, likely compromising tens of thousands of devices.
Roaming Mantis is believed to be a financially-motivated threat actor that started targeting European users in February.
In a recently observed campaign, the threat actor uses SMS communication to lure users into downloading malware on their Android devices.
In a report published today, researchers at cybersecurity company SEKOIA say that the Roaming Mantis group is now dropping on Android devices the XLoader payload, a powerful malware that counts features such as remote access, information stealing, and SMS spamming.
The ongoing Roaming Mantis campaign is targeting French users and starts with an SMS sent to prospective victims, urging them to follow a URL. The text message informs about a package that has been sent to them and which they need to review and arrange its delivery.
The number of iOS users who have handed over their Apple iCloud credentials on the Roaming Mantis phishing page is unknown and could be the same or even higher.
News URL
Related news
- iOS devices more exposed to phishing than Android (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Cyber crooks push Android malware via letter (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- SpyLoan Android malware on Google play installed 8 million times (source)
- 8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play (source)
- New DroidBot Android banking malware spreads across Europe (source)
- New DroidBot Android malware targets 77 banking, crypto apps (source)