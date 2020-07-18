- Advertisement -

Chinese hackers are targeting Android phones using a fresh piece of malware that tries to deceive people into clicking on a”missed delivery” text — the kind of writing that’s no doubt become especially familiar to individuals throughout the coronavirus pandemic since they spend more time in the home and ordering items for delivery.

The text is a phishing scam that permits everything from stealing bank information to a user’s contact list.

It is being committed, according to cybersecurity researchers, with a group of hackers operating under the”Roaming Mantis” collective.

Another day, yet another nasty new bit of malware to be aware of — this time, according to cybersecurity researchers at Cybereason, it is malware which uses a”missed delivery” text into phish its unsuspecting recipients.

There’s been a spate of these episodes lately, requiring everything from sketchy apps located in the Google Play Store to the presence of undeletable, malicious files and apps within Android phones. After investigating this latest malfeasance, Cybereason’s team discovered that it’s a Chinese-speaking set of hackers working under the banner of”Roaming Mantis” that’s supporting this so-called FakeSpy malware effort.

“FakeSpy has been in the wild as 2017; this newest campaign indicates that it has become stronger,” that the Cybereason staff notes. “Code advances, new capabilities, anti-emulation techniques, and brand new, global goals all suggest that this malware is well-maintained by its authors and continues to evolve.”

According to the study, FakeSpy can exfiltrate and send SMS messages, besides concealing reading account info, financial information, and contact lists. Users are tricked into clicking a text message telling them of a delivery, which guides an Android program package to be downloaded by them. That is being used to target Android users all over the world, such as from the US thanks to this malware’s capacity to send messages which purport to be in the US Postal Service.

“Roaming Mantis” sounds the name of a villain from a movie, but it is, in fact, the moniker of a Chinese threat actor group that’s been in existence for a couple of decades now and has continued to evolve. They used to target nations mostly but have expanded to strike at victims throughout the world.

What can you do to protect yourself? Cybereason senior director and head of threat research Assaf Dahan advised ZDNet which individuals should be suspicious of SMS messages which contain links. “When they do click on a link,” Dahan said, “they need to look at the credibility of the page, start looking for typos or incorrect site title, and most of all — avoid downloading programs from stores that are unofficial.” These practices may protect you from accidentally downloading malicious apps, much more, and getting phished by clicking dodgy text message links.