1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • This Android malware could leave your wallet pretty empty

    From TechnologyDaily@1337:1/100 to All on Mon Jun 6 23:00:04 2022
    This Android malware could leave your wallet pretty empty

    Date:
    Mon, 06 Jun 2022 21:52:46 +0000

    Description:
    Malicious Android app dials premium numbers in the background, incurring huge expenses for the victim.

    FULL STORY ======================================================================

    A newly discovered mobile malware can rake up quite the phone bill for its victims, cybersecurity pros from Avast have revealed.

    The antivirus company recently spotted SMSFactory, a unique malware being distributed among its Brazilian customers, with mobile users in Russia, Ukraine, Turkey, and Argentina also seem to be targeted.

    SMSFactory deals damage by having the Android smartphone send phone calls and SMS messages to premium numbers. Its being distributed by unofficial
    channels, meaning you wont find SMSFactory on the Play Store, but you will find it on APKMods, and PaidAPKFree, two mobile app repositories with dubious policies. Avast also says the attackers promote the app with malvertising, push notifications, various promotional pop-ups and websites, videos, and such.

    Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 . Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/10.99. Accessing the contacts list

    Among the various permissions the app asks for, researchers have also found, is the permission to access the contact list , so its highly likely it uses the list to further expand its reach. Other requested permissions include location data, the permission to make phone calls, send and read SMS
    messages, wake lock and vibrate, handle overlay, use the entire screen, track notifications, and start various activities from the background.

    If these permissions werent large enough of a red flag, the Android device will also trigger a warning at installation, telling the potential victim
    that the app is risky. However, many seem to have turned a blind eye to the warnings, as the app has tens of thousands of installations, Avast said. Read more

    This creepy new Android malware records your audio and tracks your location


    That Android antivirus could actually be malware


    This Android malware targets passwords from almost 500 apps

    Once installed, the app will display a message that it doesnt work or that
    the service is unavailable. Given that it hides its name and icon, many users struggle to delete it, or apparently forget they have anything installed.

    Still, the app continues working in the background, maintaining its
    connection to the C2 server and sending an ID profile of the infected endpoint. These are the best firewall offerings around

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/this-android-malware-could-leave-your-wallet-pr etty-empty/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)