Security News > 2022 > July > Roaming Mantis hits Android and iOS users in malware, phishing attacks
Taiwan, South Korea, Japan, the US, and the U.K. the Roaming Mantis operation moved to targeting Android and iOS users in France, likely compromising tens of thousands of devices.
Roaming Mantis is believed to be a financially-motivated threat actor that started targeting European users in February.
In a recently observed campaign, the threat actor uses SMS communication to lure users into downloading malware on their Android devices.
In a report published today, researchers at cybersecurity company SEKOIA say that the Roaming Mantis group is now dropping on Android devices the XLoader payload, a powerful malware that counts features such as remote access, information stealing, and SMS spamming.
The ongoing Roaming Mantis campaign is targeting French users and starts with an SMS sent to prospective victims, urging them to follow a URL. The text message informs about a package that has been sent to them and which they need to review and arrange its delivery.
The number of iOS users who have handed over their Apple iCloud credentials on the Roaming Mantis phishing page is unknown and could be the same or even higher.
News URL
Related news
- Finland warns of Android malware attacks breaching bank accounts (source)
- PixPirate Android malware uses new tactic to hide on phones (source)
- DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack (source)
- New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT (source)
- Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks (source)
- From Deepfakes to Malware: AI's Expanding Role in Cyber Attacks (source)
- New BunnyLoader Malware Variant Surfaces with Modular Attack Features (source)
- New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S. (source)
- Opera sees big jump in EU users on iOS, Android after DMA update (source)
- Over 100 US and EU orgs targeted in StrelaStealer malware attacks (source)