A malware behind this SMS: "Your package has been sent. Please check it and receive it."
Lately, we have seen one message proliferate.
It is a message that, according to security experts, hides malware. Once again, a rather creative move on the part of cybercriminals.
There are countless cases in which hackers use means clever and sophisticated enough to deceive the average user. These attempts vary, but they all reflect hackers' skill at riding the wave of the moment. This new attempt is happening on Facebook. It begins with this text message: "Your package has been sent. Please check it and receive it." This message, it should be noted, has been received by several users, French ones in particular, since the beginning of April. As usual with a technique that falls in the phishing category, there is a link at the end of the message. That is exactly the case here, and the link is a "tinyurl" one. So this message is no exception.
Behind that link, there is in fact a malicious program. Of course, when the message is received, it is difficult to determine in advance who the criminal behind the mailing is. The recipient can be deceived into thinking of a delivery service or of any seller. On closer inspection, the message makes you doubt that the number that sends it is a French number.
The malware behind this message is classified as "banker" software, in other words malware that specializes in stealing banking information. During the month of March 2021, we had already observed the presence of 9 malware of this kind, somewhat scattered and targeting Android users in particular. The goal is simple: to collect enough financial information to empty the victim's bank account. Combined with this SMS, which has a strong potential to arouse the user's curiosity, its effectiveness is more than confirmed. "Despite its dangerous capabilities, this malware is relatively uncomplicated compared to other software in its family. The most developed bankers set up more subtle means of collecting banking information than a simple phishing: some clone the banks' apps, others record keystrokes on the smartphone keyboard, others are able to take screenshots," according to the cyberwarfare platform.
What could have betrayed the hackers is the moment when they asked users who clicked on the link to install a file on their smartphone: "In order to have a better experience, please update your Chrome browser to the latest version." That is what appears on the website. On top of that, the file to be downloaded has a rather strange name: "mxpcqpgjyk.apk". These are fairly blatant elements that totally discredited the attempt.
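The warning signs described in this article (a parcel lure, a shortened link, a fake Chrome update and an APK with a random-looking name) can be checked automatically. The following is an added example, not code from the article or from the researchers it quotes; the keyword lists, the thresholds and the placeholder URL are assumptions made for illustration.

```python
import re
from urllib.parse import urlparse

# Assumed lists built from the indicators the article describes; extend for real use.
SHORTENERS = {"tinyurl.com"}
LURE_WORDS = ("package", "parcel", "delivery")
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

# Constructed samples: the article's wording plus a placeholder link.
SAMPLE_SMS = ("Your package has been sent. Please check it and receive it. "
              "https://tinyurl.com/EXAMPLE")
SAMPLE_PAGE = ("In order to have a better experience, please update your "
               "Chrome browser to the latest version.")

def sms_indicators(text):
    """Return the warning signs found in one SMS body."""
    found = []
    if any(word in text.lower() for word in LURE_WORDS):
        found.append("delivery-lure")
    for url in URL_RE.findall(text):
        host = (urlparse(url).hostname or "").lower()
        if host.startswith("www."):
            host = host[4:]
        if host in SHORTENERS:
            found.append("shortened-link")
            break
    return found

def download_indicators(filename, page_text=""):
    """Return the warning signs for a file offered by the page behind the link."""
    found = []
    name = filename.lower()
    if name.endswith(".apk"):
        found.append("apk-outside-store")
        stem = name[:-4]
        vowels = sum(c in "aeiou" for c in stem)
        # Random-looking name: letters only, long enough, almost no vowels.
        if stem.isalpha() and len(stem) >= 8 and vowels / len(stem) < 0.2:
            found.append("random-looking-name")
    page = page_text.lower()
    if "update" in page and "chrome" in page:
        found.append("fake-browser-update")
    return found

def triage(text, filename="", page_text=""):
    """Combine both checks: 3+ signs -> block, 1-2 -> review, none -> clean."""
    hits = sms_indicators(text)
    if filename:
        hits += download_indicators(filename, page_text)
    verdict = "block" if len(hits) >= 3 else "review" if hits else "clean"
    return verdict, hits
```
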