SoylentNews is people

posted by janrinok on Saturday November 07 2020, @02:39PM
from the let's-be-careful-out-there dept.

Nasty malware attacks iPhones and Android:

A notorious piece of mobile malware that has ravaged Asia for several years is now setting its sights on the United States, targeting both iOS and Android devices according to Kaspersky.

Wroba, aka Roaming Mantis, was first found by Malwarebytes researchers in 2013 attacking South Korean phones, and it's since moved on to the rest of Asia and made inroads in Europe. At base, it's a banking Trojan that infects Android phones and tries to steal files, passwords, contact lists and messages, open web pages, make calls and send SMS text messages. But it's now attacking iPhones too.

In the current campaign, noticed in the U.S. by Kaspersky researchers last week, infected devices send "smishing" — SMS phishing — texts to the users' contacts.

The messages notify the next generation of potential victims that "your parcel has been sent out" and that they need to click on the embedded link to learn where to pick up said parcels. It's a tried-and-true phishing technique that we've recently seen used in other campaigns.

If you're on an Android phone, the link takes you to a page where you're invited to "update" your Chrome browser — and the update is actually the malware. If you're on an iPhone, you don't get malware, but you're taken to what looks like an Apple login page, where you're supposed to enter your Apple username and password. Don't.


  • (Score: 2) by hendrikboom on Saturday November 07 2020, @02:46PM (3 children)

    by hendrikboom (1125) on Saturday November 07 2020, @02:46PM (#1074125) Homepage Journal

    I keep getting messages telling me they've observed my racy internet browsing and as proof they have access to my computer they tell me my login password.
    This sounds like very targeted spearphishing.
    Trouble is, they've got the wrong password.

    -- hendrik

    • (Score: 1, Funny) by Anonymous Coward on Saturday November 07 2020, @04:48PM

      by Anonymous Coward on Saturday November 07 2020, @04:48PM (#1074165)

      I just get unwanted messages from my boss.

    • (Score: 0) by Anonymous Coward on Saturday November 07 2020, @06:03PM (1 child)

      by Anonymous Coward on Saturday November 07 2020, @06:03PM (#1074189)

      There were a bunch of major password leaks over the years (for example, if you had a LinkedIn account before 2012).
      I got hit with an email like that, which was a bit spooky until I realized that the password they had was from literally 10 years ago.
      Check your account names on haveibeenpwned to see what leak they probably got the info from.

      If you use the same password on multiple sites, this attack is very, very effective. Otherwise, it's basically nothing.

      • (Score: 0) by Anonymous Coward on Sunday November 08 2020, @03:59AM

        by Anonymous Coward on Sunday November 08 2020, @03:59AM (#1074542)

        What would rattle me is that they have ever had access at all. Even if ten years ago.

          Admittedly, my trust on the net is nearly zero, I use anonymous throwaway phones to access it, which I kinda view as a condom.

        I am old, I have been waylaid by even the first BBS shared annoyance, the ANSI text bomb. I have had a distrust of mixing code and data ever since.

        I have been a student of +Fravia, +ORC, CDC, and +HCU. If these acronyms are unfamiliar, look them up. You will learn something that the MBA never knew even existed.

        And I used to work for an aerospace company, that became corporate, and apparently lost every awareness of what their adversary looked like.

        My frustration with DRM, coupled with "hold harmless" clauses, was seen as a bad attitude on my part by management. So I did not last long. I never understood security theater. I was of the firm belief that "security by obscurity is not security at all."

        Now, all of our stuff is full of backdoors. I am quite sure all who have an interest know about them too.

        All that gun twirling, saluting, and displays of rank did not mean that much to me. To me, it was like selecting a head bolt for an engine. The bolt used for the garden gate, although prettily polished, simply would not do.

        I gave a damn. I now collect social security. I had rather stayed where I thought I could do some good.

        But I also know that there comes a time when men, regardless of their experience, have to be put to pasture, their life experiences no longer germane.

        Now, it's "show them the badge!". And we think that is enough.

        It isn't. They will come back with something you did not know even existed.

  • (Score: 3, Touché) by helel on Saturday November 07 2020, @03:40PM

    by helel (2949) on Saturday November 07 2020, @03:40PM (#1074150)

    I love how low the bar is for "malware" on ios.

  • (Score: 4, Interesting) by MostCynical on Saturday November 07 2020, @06:57PM

    by MostCynical (2589) on Saturday November 07 2020, @06:57PM (#1074211) Journal

    LineageOS on a 2017 A5.
    no Chrome
    minimal Google (because not everything can be side-loaded)

    No clicking on links in SMS... if a courier or anyone sends me a link, and if I am expecting it and if it looks like it may be useful... I email it to my safe email account and use my laptop to check the site.

    Links in emails and SMS are there to be ignored and deleted on my personal laptop and phone

    Work - well, they insist on document sharing via email, and links to videos and chats fly thick and fast.. but it is both from *known* email accounts and if it goes wrong, the company can deal with it.

    Also Personal - personal laptop / Work - work laptop.

    --
    "I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
  • (Score: 3, Interesting) by Common Joe on Sunday November 08 2020, @09:06AM

    by Common Joe (33) <reversethis-{moc ... 1010.eoj.nommoc}> on Sunday November 08 2020, @09:06AM (#1074602) Journal

    "Smishing" for SMS phishing? Who comes up with these stupid words?

    I hadn't heard of it before, but a quick google shows that apparently it's a thing.

    There's "vishing [vrbo.com]" too for voice phishing. Like our lives needed to be made needlessly more complicated.

    Or maybe I just inadvertently joined the "get off my lawn crowd".
