At this point, I get so many spam calls that my blood pressure rises when numbers show up on my phone’s call screen. A new piece of Android malware seems to be designed around that instinctive revulsion, injecting fake contacts into your phone to make spam and scam calls look legitimate. It’s brilliant, in the evil way that only scammers can be.
This is a new variation on the known Crocodilus malware, which has a primary function of taking over an Android phone to find and steal crypto wallet info. But the new behavior, discovered by Threat Fabric, is particularly interesting. According to the report (spotted by BleepingComputer), the novel behavior of the malware creates fake entries in a user’s Contacts list. The idea is clever: instead of seeing an unknown number, you see a name like “Bank Support,” and it’s meant to put you at ease so you’re more vulnerable to social engineering attacks.
Crocodilus’ main functions appear to still be focused on theft of cryptocurrency and banking info, with malicious Facebook ads focusing on users in Turkey but expanding to larger operations in Europe, South America, and the United States. The social engineering aspect of the malware appears to be an afterthought… but it makes sense. If you have a Trojan program loaded onto someone’s phone and you’ve found that they have vulnerable bank accounts or crypto wallets, you might try passing their info off to a social engineering team to see if you can steal anything else of value. (Geez, it feels weird to think about this from the perspective of a hacker. I need a shower.)
So far, the Crocodilus malware has only been observed on Android, and only seen in delivery form via unsecured “sideload” installations. But spoofing contact data on the user side—as opposed to faking caller ID info—is a novel means of attack.
Keep this attack vector in mind. There’s no reason the same techniques couldn’t be used for, say, a phishing email via faked contacts in Gmail or Outlook. And no matter what operating system you’re using, don’t download apps from sketchy advertisements.
This articles is written by : Nermeen Nabil Khear Abdelmalak
All rights reserved to : USAGOLDMIES . www.usagoldmines.com
You can Enjoy surfing our website categories and read more content in many fields you may like .
Why USAGoldMines ?
USAGoldMines is a comprehensive website offering the latest in financial, crypto, and technical news. With specialized sections for each category, it provides readers with up-to-date market insights, investment trends, and technological advancements, making it a valuable resource for investors and enthusiasts in the fast-paced financial world.