Mobile device users were called upon to pay attention to two additional threats to digital security, including one related to a spyware that exploits attention to social media, and one that, on the other hand, operates in the context of mobile banking.
Listen to this article
In the past few hours, two further threats to the digital security of users have brought the attention of employees and simple users to mobile devices, and to cautions (e.g. do not install apps from little-known sources, do not use cracked apps, do not click on the links proposed in the messages, etc) to be adopted to protect them.
The first report comes from the Threat Analysis Group of the Google Project Zero security division and concerns a spying tool created by the Italian RCS Labs, versed in the creation of spyware for government agencies, which would be particularly affecting both targets in Kazakhstan and Italy. All this would happen by inducing the user, taken by the fear that one of his social accounts (those mentioned are Facebook, Whatsapp, Instagram) has been blocked, to visit a page that, in the colors and logos, recalls that of Facebook, the well-known social network of Meta.
Once there, the victims of the RCS Labs spying tool would be led to download an app to restore the blocked account, with different results depending on whether the affected device is animated by Android or iOS. In the first case, the app, installed through the authorization of unknown sources, would then acquire access to the data of the affected user’s account, it would allow to read the external memories (if present), but also the list of contacts , and the status of the network.
On iOS, the spying tool, installed in sideloading after inducing the user to install a company certificate first, would have a minor impact in stealing information, since apps are run on the operating system of the bitten apple, for a matter of privacy, limiting interactions with other apps, in a sandbox, or in a sort of bubble.
The second threat was reported by the Italian security firm Cleafy and concerns the revived BRATA malware. Compared to the version of two months ago, which was hidden in common apps and manipulated antivirus, today’s variant, which is affecting Spanish, Italian, and British users, is hidden in the client of a well-known Italian bank, focusing on reading SMS. The new manifestation of BRATA would be easy to be implemented in apps and, consequently, to spread.