Thousand of people has already been target to a new android malware. It poses as the google chrome app and steals credential of the users by using smishing. This app also uses various techniques help it to evade the mobile security solutions.
The campaign caught the eyes of the researchers first on May in multiple countries of Europe countries. They suspect that the malware has been spreading in other countries because of its rate of propagation.
- The victims receive a message which requests them to pay some custom fees to release the delivery of package. On clicking onto the link, the message urges the user to update the chrome app.
- The users are then redirected to a malicious website which resembles the updating of the chrome, which is actually the imposter application getting downloaded in the phone. The victims are then requested to pay a small fee, which is a method to collect the credit card credentials of the target.
The fake chrome app which is used for propagation of the malware. The app is capable of sending 2000 sms per week using the victim’s device following a sequential pattern. Interestingly, the app is able to hide itself in the device since it uses the name and icon of google chrome.
The several techniques used by this malware helps it attack the target more efficiently and evade detection. Thus mobile users are recommended to use proper mobile security solution to stay safe.