Skip to content

These are the 5 most common mobile malware in 2022

Estos son los 5 malware para móviles más comunes en 2022

Towards the end of 2021, experts detected a sharp drop in the shipment of malware, but according to a report prepared by the cybersecurity company Proofpoint, in 2022 we are seeing an increase of up to 500% in this type of virus for mobile devices in Europe .

The most consistent increase has been seen especially insmishing’ attempts , a phishing-type malware that is transmitted via SMS or text messages. In essence, a smishing link will attempt to trick the user into entering their credentials on a fake login page, thereby stealing their passwords, bank details, and sensitive personal information.

The 5 most common malware for mobile devices

According to Proofpoint’s Cloudmark Mobile Threat Research report, attacks are carried out from regions around the world, using different social engineering techniques and attack vectors to deliver malware to the user’s device.

When it comes to smishing, the most buoyant type of smartphone virus today, these are the main malware families that use SMS as their main threat vector.

FluBot

This worm-like malware was first identified in Spain in November 2020. FluBot spreads by accessing the device’s contact list and sending all information and phone numbers to a command and control (C&C) server. From there, that server is responsible for sending new infected messages to the numbers on the contact list.

Once it has infected the FluBot device, it can access the internet, read and send messages, read notifications, make voice calls, and even remove other applications. Furthermore, when the user uses other selected applications, this malware overlays a screen designed to steal the usernames and passwords of banks, stock brokers and the like.

TeaBot

TeaBot is a multifunctional Trojan first detected in Italy, capable of stealing credentials and messages. This virus also allows the attacker to transmit the screen content of the infected device.

TeaBot’s specialty is bank details, which is why it is preconfigured to steal credentials through more than 60 European banks, as well as being adapted for several languages. It has mainly been addressed to financial institutions in Spain and Germany.

TeaBot’s propagation method is via SMS text messages very similar to FluBot’s, allowing it to compromise accounts and steal funds from victims.

TangleBot

Powerful and elusive malware that spreads mainly through fake package delivery notifications (such as Amazon and other online stores). This virus was originally detected in North America in 2021 and has recently also appeared in Turkey, although its attacks remain rare.

In addition to its ability to remotely control devices and overlay other mobile apps for data theft, TangleBot is also capable of intercepting the camera and microphone of the infected device.

Moqhao

Moqhao is another SMS-based malware deployed by the Roaming Mantis cybercriminal group. It has been detected in several Asian countries such as Japan, China, India or Russia, and more recently it has also appeared in France and Germany.

The attacks are multilingual, and the target web pages are adapted to the recipient’s language. This virus is a functional remote access Trojan with espionage and exfiltration features, capable of monitoring device communications.

BROTHER

BRATA is mobile banking malware primarily targeting Italian bank customers and uses SMS messages to trick the user into downloading a fake security app.

Once installed, BRATA can record phone screen activity and insert app overlays to steal the victim’s credentials.

As we mentioned a couple of months ago in THIS OTHER POST, BRATA currently has 3 variants, BRATA.A, BRATA.B and BRATA.C, each one more harmful, being even capable of resetting the user’s mobile so as not to Leave footprints. In recent months, in addition to Italy, it has also been deployed in other countries such as Spain, Latin America, Poland, China and the United Kingdom.

Protect your Android against malware attacks

As we can extract from the report published by Proofpoint, we see that Android is the main operating system targeted by these malware attacks.

Image: proofpoint.com

The best thing we can do to avoid falling for this type of deception is to be suspicious of any unsolicited SMS, not to click on any link or provide any personal data through these channels, and if in doubt, always contact our bank.

Source link

Leave a Reply

Your email address will not be published.