
Warning: apps discovered committing tariff fraud, and the data stealer Raccoon Stealer 2.0 enters the field

Security solutions keep improving, but hackers keep pace, inventing new threats and updating existing ones, as the two latest malware campaigns documented by security experts show.

Attacks on users are continuing, especially on mobile and on Android, no doubt because this operating system is the mainstream, majority platform. Confirming this, here are two further digital threats, just reported by security firms, to guard against.

The first threat in this security recap concerns an alert just released by Microsoft’s 365 Defender Research Team, which identified a significant circulation of scam apps designed to run “tariff scams” that increase the monthly cost of the victim’s mobile subscription. This malware is hidden in messaging applications, wallpaper customization apps, graphic editors and photo beautifiers, fake antivirus tools and apps that clean junk files from mobile devices. According to what has been disclosed, the malicious apps that act as “incubators” share the same interface, even down to icons and buttons, often use fake email addresses and developer names, and may contain spelling or grammatical errors.

Once one of these apps is in action (signs include deteriorating battery life, connectivity problems, the phone heating up easily and numerous pop-up ads), the malware responsible for the attack checks that the user is subscribed to one of the targeted operators, since it only affects specific ones.

Once this step is complete, because the fraud relies on WAP (Wireless Application Protocol), the hackers deactivate Wi-Fi, force the mobile connection even when Wi-Fi is available, or wait for the phone to be out of range of a home network. At that point they subscribe users to very expensive paid services without their knowledge, intercepting the single-use OTP authorization codes and suppressing the notifications about them being sent. As a security measure, Microsoft has advised not downloading apps from sources outside the Play Store and not granting accessibility, notification and SMS management permissions, at least without understanding the “reason why the application needs them”.
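
To make the permission advice above concrete, here is an added example (not from Microsoft's report or the original article): a Python script that reads a decoded AndroidManifest.xml and flags apps that declare both connection-switching and OTP-reading capabilities. The capability grouping, the flagging rule and both sample manifests are assumptions constructed for this illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."

# Capability groups mirror the behaviours the article describes; the grouping
# and the flagging rule below are assumptions of this example.
CAPABILITIES = {
    "network_switch": {P + "CHANGE_WIFI_STATE", P + "CHANGE_NETWORK_STATE"},
    "sms_access": {P + "RECEIVE_SMS", P + "READ_SMS"},
    "notification_access": {P + "BIND_NOTIFICATION_LISTENER_SERVICE"},
    "accessibility": {P + "BIND_ACCESSIBILITY_SERVICE"},
}

# Constructed sample manifests (decoded text XML), not taken from real apps.
SUSPECT = """<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.CHANGE_WIFI_STATE"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <application>
    <service android:name=".Listener"
      android:permission="android.permission.BIND_NOTIFICATION_LISTENER_SERVICE"/>
  </application>
</manifest>"""
BENIGN = """<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.CHANGE_WIFI_STATE"/>
</manifest>"""

def capabilities(manifest_xml):
    """Return the capability groups a decoded AndroidManifest.xml declares."""
    root = ET.fromstring(manifest_xml)
    declared = {e.get(ANDROID_NS + "name") for e in root.iter("uses-permission")}
    # Notification-listener and accessibility services appear as
    # <service android:permission="...BIND_...">, not as uses-permission.
    declared |= {e.get(ANDROID_NS + "permission") for e in root.iter("service")}
    return {cap for cap, perms in CAPABILITIES.items() if perms & declared}

def needs_review(manifest_xml):
    """Flag apps able to both steer the connection and read OTP messages."""
    caps = capabilities(manifest_xml)
    return "network_switch" in caps and bool(caps & {"sms_access", "notification_access"})

if __name__ == "__main__":
    for label, xml in (("suspect", SUSPECT), ("benign", BENIGN)):
        print(label, sorted(capabilities(xml)), "review:", needs_review(xml))
```

A flag here only means the app deserves a closer look: legitimate messaging apps can declare the same combination.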

Another security report, published by the French security company Sekoia, warns of a change in the data stealer Raccoon Stealer which, now in its 2.0 edition, has been rewritten from scratch (back-end and front-end) in C/C++. In its new guise, the data stealer not only steals the list of installed apps, various browser data (passwords, login data, cookies, saved credit card data), individual files and the data of well-known digital wallets (e.g. MetaMask, Exodus, TronLink, Ronin, BinanceChain, Electrum, Atomic, Binance, ElectronCash, JaxxLiberty, Coinomi), but also takes screenshots and records everything you type on the virtual keyboard.

In this case, as a precaution, it is best not to click on links in suspicious emails or SMS messages, to keep a locally installed antivirus up to date, to update the operating system and browser in use, and to download apps from official sources.
