Security News > 2022 > July > Roaming Mantis hits Android and iOS users in malware, phishing attacks

Taiwan, South Korea, Japan, the US, and the U.K. the Roaming Mantis operation moved to targeting Android and iOS users in France, likely compromising tens of thousands of devices.

Roaming Mantis is believed to be a financially-motivated threat actor that started targeting European users in February.

In a recently observed campaign, the threat actor uses SMS communication to lure users into downloading malware on their Android devices.

In a report published today, researchers at cybersecurity company SEKOIA say that the Roaming Mantis group is now dropping on Android devices the XLoader payload, a powerful malware that counts features such as remote access, information stealing, and SMS spamming.

The ongoing Roaming Mantis campaign is targeting French users and starts with an SMS sent to prospective victims, urging them to follow a URL. The text message informs about a package that has been sent to them and which they need to review and arrange its delivery.

The number of iOS users who have handed over their Apple iCloud credentials on the Roaming Mantis phishing page is unknown and could be the same or even higher.

News URL

https://www.bleepingcomputer.com/news/security/roaming-mantis-hits-android-and-ios-users-in-malware-phishing-attacks/