Stories
Slash Boxes
Comments

SoylentNews is people

Malware Attacks iPhones and Android

posted by janrinok on Saturday November 07 2020, @02:39PM   Printer-friendly
from the let's-be-careful-out-there dept.

upstart writes in with an IRC submission:

Nasty malware attacks iPhones and Android:

A notorious piece of mobile malware that has ravaged Asia for several years is now setting its sights on the United States, targeting both iOS and Android devices according to Kaspersky.

Wroba, aka Roaming Mantis, was first found by Malwarebytes researchers in 2013 attacking South Korean phones, and it's since moved on to the rest of Asia and made inroads in Europe. At base, it's a banking Trojan that infects Android phones and tries to steal files, passwords, contact lists and messages, open web pages, make calls and send SMS text messages. But it's now attacking iPhones too.

At base, it's a banking Trojan that infects Android phones and tries to steal files, passwords, contact lists and messages, open web pages, make calls and send SMS text messages. But it's now attacking iPhones too.

In the current campaign, noticed in the U.S. by Kaspersky researchers last week, infected devices send "smishing" — SMS phishing — texts to the users' contacts.

The messages notify the next generation of potential victims that "your parcel has been sent out" and that they need to click on the embedded link to learn where to pick up said parcels. It's a tried-and-true phishing technique that we've recently seen used in other campaigns.

If you're on an Android phone, the link takes you to a page where you're invited to "update" your Chrome browser — and the update is actually the malware. If you're on an iPhone, you don't get malware, but you're taken to what looks like an Apple login page, where you're supposed to enter your Apple username and password. Don't.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Malware Attacks iPhones and Android | Log In/Create an Account | Top | 7 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Sunday November 08 2020, @03:59AM

    by Anonymous Coward on Sunday November 08 2020, @03:59AM (#1074542)

    What would rattle me is that they have ever had access at all. Even if ten years ago.

      Admittedly, my trust on the net is nearly zero, I use anonymous throwaway phones to access it, which I kinda view as a condom.

    I am old, I have been waylaied by even the first BBS shared annoyance, the ANSI text bomb. I have had a distrust of mixing code and data ever since.

    I have been a student of +Fravia, +ORC, CDC, and +HCU. If these acronyms are unfamiliar, look them up. You will learn something that the MBA never knew even existed.

    And I used to work for an aerospace company, that became corporate, and apparently lost every awareness of what their adversary looked like.

    My frustration with DRM, coupled with "hold harmless" clauses, was seen as a bad attitude on my part by management. So I did not last long. I never understood security theater. I was of the firm belief that "security by obscurity is not security at all."

    Now, all of our stuff is full of backdoors. I am quite sure all who have an interest know about them too.

    All that gun twirling, saluting, and displays of rank did not mean that much to me. To me, it was like selecting a head bolt for an engine. The bolt used for the garden gate, although prettily polished, simply would not do.

    I gave a damm. I now collect social security. I had rather stayed where I thought I could do some good.

    But I also know that there comes a time when men, regardless of their experience, have to be put to pasture , their life experiences no longer germane.

    Now, it's "show them the badge!". And we think that is enough.

    It isn't. They will come back with something you did not know even existed.