The Cyber Security Agency of Singapore (CSA) issued an alert on 06 August 2024 about mobile malware that can scan SMS messages to retrieve one-time passwords (OTPs).
Image: Shutterstock/rafapress
These OTPs are designed as an extra layer of security for sensitive data and applications.
Reports indicate a global campaign targeting Android users with SMS stealer malware. This malware specifically targets OTPs used for account registrations and two-factor authentications. The malware spreads through two primary methods: malicious advertisements (known as "malvertisements") and Telegram bots.
Android Malware Distribution Methods
Image: Bleeping Computer
Malvertisements: These deceptive ads contain links leading to a webpage impersonating the Google Play Store. The webpage showcases inflated download counts of a malware app, enticing users to download the SMS stealer, which masquerades as a legitimate app.
Telegram Bots: These bots offer pirated Android applications that would normally require payment, in exchange for the user's phone number. A personalized APK file is then generated, allowing for future targeted attacks.
How It Works
Image: Wultra
Once installed, the SMS stealer malware requests access to the victim's SMS function. This access enables the malware to capture OTPs and potentially other sensitive information, allowing threat actors to carry out further fraudulent activities. This can lead to more victims due to compromised devices or phone numbers.
Protection Measures for Android Users
Image: Pixabay
To safeguard against such malware, Android users should take the following precautions:
Install Apps Only from Official Sources: Download applications exclusively from the Google Play Store. Verify developer information and ensure the app is developed by an official developer.
Enable Play Protect: Keep the Play Protect function enabled to run safety checks on apps from the Google Play Store before downloading.
Review Permissions and Privacy Policies: Be cautious of applications requesting unnecessary permissions, such as access to SMS or contacts.
Uninstall Unknown Applications: Remove any unfamiliar apps that appear on your device.
Perform Anti-Virus Scans: Regularly scan your device with antivirus software and maintain backups of important data.
Update Regularly: Ensure your device's operating system and applications are up-to-date with the latest security patches.
By staying vigilant and following these guidelines, Android users can better protect their devices from SMS stealer malware and other mobile threats.