Android Malware Fakesky Uses Fake Messages To Spy On You

Researchers suspect a Chinese-speaking group called Roaming Mantis is the cause of the latest Fakesky attacks.

An old Android malware that is capable of stealing users’ banking information and personal details is making a comeback after nearly three years.

The Android malware called Fakesky was first discovered in October 2017 wherein it primarily attacked people in South Korea and Japan.

But now researchers at Cybereason Nocturnus have discovered that a more potent form of Fakesky is targeting users all over the world including people in countries such as China, Taiwan, France, Switzerland, Germany, United Kingdom, and the United States among others. And this time around, the malware is befooling users by masquerading as a postal service app.

As per the report, the malware uses a smishing or SMS-phishing attack to target users. It sends an SMS to the users that tells them to download an app that masquerades itself as a genuine postal service app.

Once users open the infected app, it asks users for two permissions. The first permission allows it to intercept every message received on the users’ device and send it to its servers, while the second permission allows it to work at full capacity even when the screen has been turned off and the phone has been locked.

Once it gets these permissions, it steals confidential information such as users’ phone numbers, device models, OS versions, telecom providers, banking information, IMEI number, and IMSI number.

Also Read:

Furthermore, it replicates itself by sending a similar infected message to all the contacts in users’ phonebook.

Researchers suspect a Chinese-speaking group called Roaming Mantis, which primarily operates in Asia, is the cause of the latest malware attack.

Latest Posts

Related Articles