Connect with us

Hi, what are you looking for?

Cyber Security

Fake Chrome App Goes Viral with Smishing

A new Android malware is spreading and has already targeted hundreds of thousands of people. It impersonates the Google Chrome app and uses smishing attacks to steal credentials. In addition, the campaign uses a mix of techniques to evade mobile security solutions, as well.

What has happened?

According to researchers, the campaign was first spotted at the beginning of May in multiple European countries. Considering its rate of propagation, it is anticipated to have been spread to other countries.

  • The attack starts with a smishing gambit in which targets receive an SMS text urging them to pay customs fees to release a package delivery. Upon clicking, a message asks them to update the Chrome app.
  • Unsuspecting users are redirected to a malicious website, from where the malicious app, pretending to be an update, gets downloaded to their phones.
  • Subsequently, victims are taken to a phishing page asking to pay a small $1 or $2 amount, which is just an attempt to collect the victim’s credit card details.

The fake app

The fake Chrome app, which is used for propagation, can send 2,000 SMS messages per week from infected devices.

  • The messages are sent out on a daily basis during a certain two or three-hour time period.
  • The recipient phone numbers are not from the victims’ phone books, however, they follow a sequential pattern.
  • Meanwhile, the malware stays hidden on infected devices by using the official Chrome app name and icon.

Closing lines

A combination of efficient phishing techniques, malware propagation techniques, and several evasion techniques make this campaign capable of spreading faster without getting detected. Thus, users are recommended to use mobile security solutions with massive datasets of mobile threat telemetry.

Source: https://cyware.com/news/fake-chrome-app-goes-viral-with-smishing-3a3c04f1

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

A new version of the ViperSoftX information-stealing malware has been discovered with a broader range of targets, including targeting the KeePass and 1Password password...

Cyber Security

The Cybersecurity and Infrastructure Security Agency (CISA) has added one more security vulnerability to its list of bugs known to be exploited in attacks....

Cyber Security

The Dutch Ministry of Education has decided to suspend the use of Chrome OS and Chrome web browser until August 2023 over concerns about...

Cyber Security

A phishing kit has been released that allows red teamers and wannabe cybercriminals to create effective single sign-on phishing login forms using fake Chrome...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO