This Fakesky Android Malware uses SMS phishing to steal your personal and banking details


Android Users beware of this Fakesky Malware as it uses SMS Phishing to steal your personal and banking details

This is not the first time when Fakesky is stealing user data, the malware was discovered in 2017 in Japan earlier and now it has targeted users worldwide including China, Taiwan, France, Switzerland, Germany, United Kingdom, and the United States among others. An updated version of the Fakesky malware has been targeting users across the globe, cybersecurity firm Cybereason Nocturnus reported. The malware is capable of stealing user’s personal information including banking details as per reports.

“A new campaign is up and running using newly improved, significantly more powerful malware as compared to previous versions. FakeSpy is under active development and is evolving rapidly; new versions are released every week with additional evasion techniques and capabilities,” Cybereason said.

SMS phishing uses cell phone text messages to deliver the bait to induce people to divulge their personal information. Smishing attacks typically invite the user to click a link, call a phone number, or contact an email address provided by the attacker via SMS message. The victim is then invited to provide their private data; often, credentials to other websites or services.

This Fakesky malware also is somewhat the same, according to the reports, it was found that the malware uses a smishing or SMS-phishing attack to target users. It sends an SMS to the users that tells them to download an app that masquerades itself as a genuine postal service app.

Meanwhile, Once any user opens that infected app, it prompts two permissions from the users to allow. The first permission allows it to intercept every message received on the users’ device and send it to its servers, while the second permission allows it to work at full capacity even when the screen has been turned off and the phone has been locked.

And if a user allows these permissions then the threat actor can steal all your user and banking information present on the device. The researchers have claimed that the criminals behind this are the Chinese-speaking group hackers called “Roaming Mantis” which is responsible for operating this app in Asia.

The malware authors seem to be putting a lot of effort into improving this malware, bundling it with numerous new upgrades that make it more sophisticated, evasive, and well-equipped. These improvements render FakeSpy one of the most powerful information stealers on the market. We anticipate this malware to continue to evolve with additional new features; the only question now is when we will see the next wave.

Cybereason researchers said.

It is recommended not to install any apps or links that are sent to you by an unknown source. For more news on tech and cybersecurity stay tuned on Android Rookies by subscribing to our newsletter from here


About Author

Be Ready for the challenge

Notify of
Inline Feedbacks
View all comments