SMS Malware that Imitates COVID Registration App Targets Indian Users
source link: https://news.softpedia.com/news/sms-malware-that-imitates-the-covid-registration-app-is-targeting-indian-users-532803.shtml
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Indian Android users are being targeted by a new text-message malware that collects sensitive personal data
Security researchers have discovered a new piece of malware said to be targeting Android users in India by impersonating the COVID-19 free vaccine registration application. Dubbed SMS Worm, it encourages users to download a fake vaccine registration app, spreads through text messages and steals sensitive information.
Lukas Stefanko, a malware researcher, first identified the SMS Worm on Twitter, claiming that the latest Android malware is targeted at Indian users, specifically. He also included screenshots of the malware spreading via text messages. The fake free vaccine registration app appears on the phone as the Vaccine Register app and demands access to personal information once users download it using the link provided in the message.
Cyble, a risk intelligence company based in Australia, has also disclosed how the SMS Worm malware works. When downloaded, the malware performs a variety of tasks on the victim's computer, including allowing unauthorised access to private accounts and facilities, using the device for unauthorised activities, disclosing personal data from the user's mobile device, and so on.
The SMS malware's source code could have been used by the same developer in other applications.
"New variants of SMS-worms for Android do not appear very often, and this particular variant is an interesting piece of malware and part of a unique attack. Besides tricking unsuspecting users into installing a worm and other software that they may not want, the worm can also use up their billing plan by automatically sending messages without their knowledge," according to Cyble in a blog post.
According to Cyble's results, this piece of malware targets Android users. The team was unable to determine whether a similar malware was also targeting iOS users at this time, adding that Android has a much higher adoption rate than iOS in India.
How to avoid being tricked by malware that spreads through SMS
The best way to avoid being duped by malware is to avoid downloading apps or visiting websites through links sent from untrustworthy sources.
If you've got a text message with a link to a website where you can download an app, don't do it. Stick to downloading apps from the official app store or, in the case of Android, the Google Play store. Another good practice is to check what permissions applications on your phone are requesting. Using an extra layer of protection, such as two-factor authentication would be very helpful as well.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK