SMS Phishing Attack Affect Android Users(Dangerous Attack)

As we all know, phishing is very dangerous attack on the internet world and now phishing has gone into mobile. right now we have sms phishing method, which can affect all your device and hack into your privacy anywhere around the world. The malicious actions were very similar to RuMMS campaign which was aimed at the Russian segment. Unlike RuMMS, described in 3 campaigns which were using the user’s screen spoofing technique. Attackers display the fake user interface of the application instead of the bank and intercepted credentials for accessing online banking.

SMS Phishing Attack Affect Android Users(Dangerous Attack)

Attackers initially organize the work of C & C servers and sites that to distribute malware, and then send out the victims of SMS messages containing a link to the malicious software. After contact with the system Trojan scans the victim’s device, and monitors the applications running in the background.

However, malicious activity is not stopped in May. From February to June 2016, researchers found more than 55 modifications of malware propagating across the Europe: Denmark, Italy, Germany, Austria, etc. Unlike RuMMS, the current campaign is not only using the free hosting to host malware. As the attackers register domain names, use a shortened Bit.ly link service and compromised websites. In June, in addition to the arsenal of Bit.ly intruders appeared, such as the URL shortening service tr.im, jar.mar and is.gd.

FireEye Security Experts found 12 C & C servers hosted in 5 countries. The server with the IP-address “85.93.5.109 24” containing malicious applications which were used in two campaigns, “85.93.5.139” used in 8 applications. In addition, the 4 C & C servers are located on a subnet “85.93.5.0/24”. This indicates the presence of control over the network resources on the network segment.

As we all know that the URL shortening services usually provide link analytics services, which allows us to collect data on how many users from which countries clicked the particular short links and when it happened. Hence, using these services, the security company FireEye found there have been at least 161,349 clicks on the 30 short links redirecting to the overlay malware and each of which can drive to the infection of one Android device.

Hope you like this post(SMS Phishing Attack Affect Android Users(Dangerous Attack)). kindly share and make comments.