Man
Professional
- Messages
- 3,087
- Reaction score
- 627
- Points
- 113
When malicious code comes not through the Internet, but in a postal envelope.
Residents of Switzerland massively report the receipt of paper letters allegedly from the Federal Office of Meteorology and Climatology MeteoSwiss. The letters offer to download a "weather warning application" using a QR code. However, instead of the application, malware is downloaded to the smartphone.
Scan of a paper letter sent by attackers
The National Cyber Security Center (NCSC) and the Federal Civil Protection Administration (FOCP) confirm that these emails are fake. Scammers are trying to download a virus called "Coper" (or "Octo2") to users' phones, which steals data from more than 380 apps, including banking apps.
The fake app masquerades as the official Alertswiss app used to alert the public. However, there are notable differences: on the fake app, the icon is different and has a different spelling - "AlertSwiss" instead of "Alertswiss". Visually, it also looks different: the icon of the fake is rectangular on a white background, while the original is round.
The malware exclusively targets devices with the Android operating system. Once the virus is on a smartphone, it tries to access sensitive data such as accounts and bank passwords. Device owners are advised to carefully check the origin of any emails and applications before scanning QR codes.
The NCSC invites all recipients of such letters to send a complaint through a special form on the website, and then destroy the letter. And all those who accidentally installed a fake application are advised to reset the device to factory settings to remove the virus from the gadget's memory.
Source
Residents of Switzerland massively report the receipt of paper letters allegedly from the Federal Office of Meteorology and Climatology MeteoSwiss. The letters offer to download a "weather warning application" using a QR code. However, instead of the application, malware is downloaded to the smartphone.
Scan of a paper letter sent by attackers
The National Cyber Security Center (NCSC) and the Federal Civil Protection Administration (FOCP) confirm that these emails are fake. Scammers are trying to download a virus called "Coper" (or "Octo2") to users' phones, which steals data from more than 380 apps, including banking apps.
The fake app masquerades as the official Alertswiss app used to alert the public. However, there are notable differences: on the fake app, the icon is different and has a different spelling - "AlertSwiss" instead of "Alertswiss". Visually, it also looks different: the icon of the fake is rectangular on a white background, while the original is round.
The malware exclusively targets devices with the Android operating system. Once the virus is on a smartphone, it tries to access sensitive data such as accounts and bank passwords. Device owners are advised to carefully check the origin of any emails and applications before scanning QR codes.
The NCSC invites all recipients of such letters to send a complaint through a special form on the website, and then destroy the letter. And all those who accidentally installed a fake application are advised to reset the device to factory settings to remove the virus from the gadget's memory.
Source
