https://www.cyberscoop.com/fakespy-android-cybereason-postal-service/
By Sean Lyngaas
CYBERSCOOP
July 1, 2020
Two years ago, when researchers at antivirus company Trend Micro reported
on a new mobile data-stealing kit known as FakeSpy, they warned there
could be more to come from the hackers.
Directing the Android-focused malware at users outside of South Korea and
Japan, where it was discovered, would simply be a matter of reconfiguring
the code, the researchers said.
That’s exactly what happened.
On Wednesday, another set of researchers, from security company
Cybereason, revealed how FakeSpy’s operators have been impersonating
various postal services in attacks on users in the U.S., China and Europe
in the last several weeks. The hackers have taken aim at thousands of
users with the help of phony text messages that, if clicked, install code
capable of siphoning off financial data from mobile applications.
The findings show how, with an effective mobile malware kit written,
hackers can tweak the code to target different parts of the world and see
which attacks are the most profitable. And by sending text messages, they
don’t have to break into the Google Play Store to plant their code.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
Follow InfoSec News on Twitter
https://twitter.com/infosecnews_
Follow InfoSec News on LinkedIn
https://www.linkedin.com/company/infosecnews/
