There are many malware campaigns that can compromise security and allow hackers to steal passwords or personal data. In this case, we are reporting on a campaign that affects Spain, among other countries, and has the ability to steal SMS. In this way, the attacker could access your accounts and put your privacy at risk. We are going to tell you how you can avoid it.
It affects Android devices. What the attackers do is use Telegram bots and thus sneak malware into the phones. This malicious software is responsible for stealing the SMS and that’s where the problem begins. The latter is what allows them to access accounts of all kinds and be able to enter fraudulently.
Campaign to steal SMS
Specifically, by stealing SMS, they can access two-step authentication codes. This is what allows you to log into an account, beyond entering the password. This can be used to access social networks, online stores and many other platforms that have this type of login method. In fact, there are more than 600 services that can be stolen through this malware campaign.
The method used by attackers to sneak in this malware is through malicious advertising or Telegram bots. As is often the case, it pretends to be a legitimate download of some Android program. They even have the ability to impersonate Google Play, even though it is actually a fraudulent platform. This is where fraudulent ads come into play, which aim to offer this supposed application.
On the other hand, there are messages via Telegram. These are bots, which pretend to be legitimate users and begin to gain the trust of the victim. When the time comes, they will invite them to access a link to download a pirated program, without having to pay. In this way, they send them the installation APK file that, in reality, contains malware.
This campaign targets more than 100 countries, including Spain. They simply want to access SMS and, in this way, control the two-step authentication codes. This is a major problem.
Protect yourself
What can you do to protect yourself? Without a doubt, the most important thing is to not fall into the trap. As we have explained, they will basically use two strategies to sneak a fake application in: fraudulent ads and Telegram bots. In both cases, they will try to get you to download the program and install it. If you don’t do that, you have a lot to gain for your safety.
It’s also vital that you keep your device up to date. In many cases, hackers will take advantage of vulnerabilities that exist either in the operating system or in an application. By installing the latest versions, you can avoid these problems and reduce the risk of attacks.
In addition, installing a good antivirus can help detect the entry of malicious software. There are many options and you will find both free and paid ones. It is essential that you choose a quality one that works well and does not pose a limitation.
In short, beware of this new malware campaign that seeks to steal SMS and access your accounts with multiple authentication codes. Detecting fraudulent mobile messages is also important to avoid problems.
