Carding Forum
Professional
- Messages
- 2,788
- Reaction score
- 1,174
- Points
- 113
Zimperium reveals a large-scale campaign to intercept SMS messages.
In a recent report, experts from the company Zimperium reported the discovery in cyberspace of about 107,000 unique samples of malicious applications used to steal SMS messages from users.
The main goal of hackers was to intercept one-time passwords (OTP) used to verify online accounts. With their help, attackers can easily carry out a variety of attacks, as well as earn money by providing infected devices for rent.
The malware identified by Zimperium has been monitoring the one-time passwords of users of more than 600 global brands since 2022. Victims of the campaign were recorded in 113 countries, with India and Russia leading the way, followed by Brazil, Mexico, the United States, Ukraine, Spain and Turkey.
Infection occurs by installing a malicious app on your smartphone, which users download on their own devices, misled by ads that mimic the Google Play Store, or an extensive network of 2,600 fraudulent Telegram bots posing as legitimate services. After installation, the app requests permission to access incoming SMS messages and then continuously transmits them to one of the 13 command servers.
The researchers note that after installation, the malware remains hidden and does not reveal itself in any way, even during the interception of SMS messages. Who exactly is behind this operation is still unknown, but experts can say for sure that the criminals are targeting one-time OTP codes.
It is reported that attackers make good money on their malicious activities. They actively use a service called Fast SMS, which allows customers to buy access to virtual phone numbers. Apparently, phone numbers associated with infected devices were sold to the service without the owners ' knowledge to register various online accounts.
In 2022, Trend Micro already covered a similar financially motivated service that combined Android devices into a botnet for mass registration of one-time accounts or creating phone-verified accounts to commit fraud and other criminal activities.
To sum up, SMS theft campaigns pose a serious threat to users and organizations. The malicious operation identified by Zimperium highlights the growing risks, as well as the need for comprehensive protection of mobile devices. It is extremely important to use advanced technologies to detect threats, as well as to raise awareness among users about the potential risks of such attacks.
Source
In a recent report, experts from the company Zimperium reported the discovery in cyberspace of about 107,000 unique samples of malicious applications used to steal SMS messages from users.
The main goal of hackers was to intercept one-time passwords (OTP) used to verify online accounts. With their help, attackers can easily carry out a variety of attacks, as well as earn money by providing infected devices for rent.
The malware identified by Zimperium has been monitoring the one-time passwords of users of more than 600 global brands since 2022. Victims of the campaign were recorded in 113 countries, with India and Russia leading the way, followed by Brazil, Mexico, the United States, Ukraine, Spain and Turkey.
Infection occurs by installing a malicious app on your smartphone, which users download on their own devices, misled by ads that mimic the Google Play Store, or an extensive network of 2,600 fraudulent Telegram bots posing as legitimate services. After installation, the app requests permission to access incoming SMS messages and then continuously transmits them to one of the 13 command servers.
The researchers note that after installation, the malware remains hidden and does not reveal itself in any way, even during the interception of SMS messages. Who exactly is behind this operation is still unknown, but experts can say for sure that the criminals are targeting one-time OTP codes.
It is reported that attackers make good money on their malicious activities. They actively use a service called Fast SMS, which allows customers to buy access to virtual phone numbers. Apparently, phone numbers associated with infected devices were sold to the service without the owners ' knowledge to register various online accounts.
In 2022, Trend Micro already covered a similar financially motivated service that combined Android devices into a botnet for mass registration of one-time accounts or creating phone-verified accounts to commit fraud and other criminal activities.
To sum up, SMS theft campaigns pose a serious threat to users and organizations. The malicious operation identified by Zimperium highlights the growing risks, as well as the need for comprehensive protection of mobile devices. It is extremely important to use advanced technologies to detect threats, as well as to raise awareness among users about the potential risks of such attacks.
Source
