For the first time ever reported, hackers are using fake Base Transceiver Stations, devices normally installed in cell towers, to mass spread viruses to phones. Through the use of these fake cell towers Chinese hackers are distributing banking malware via SMiShing attacks.
SMiShing is an attack method similar to phishing except it uses spoofed numbers to send deceptive text messages in order to trick victims into sharing sensitive information or clicking malicious links to install malware. Through the use of these attacks, the hackers are spreading a banking malware long thought dead called “Swearing Trojan”. This virus, once installed, then attempts to further spread by sending the same message to everyone listed in the victims contacts.
The incoming message attempts to disguise itself as a Chinese telecom service provider, either China Mobile or China Unicom, and comes packaged with a link. This link, when clicked, sends users to a download page where they download the app containing the Swearing Trojan malware. After the download is finished it then prompts users to install.
The Trojan, once installed, is not only able to steal bank credentials and siphon data, but it can also bypass two step verification. Swearing Trojan has the ability to replace the users usual messaging SMS app with a malicious version that intercepts all incoming text messages. Even more frightening is how this Trojan avoids detection. This particular Trojan does not use any remote control server. What it does instead is use SMS and emails in order to communicate any stolen data that the hackers desire to them.
However, don’t panic quite yet as this method of attack has so far only been limited to Chinese users. Seeing as how this method is now known it could potentially spawn a new wave of attacks in many different places.
What are your thoughts on this? Leave them in the comments down below.
Source: The Hacker News