The recent Android malware impersonating the Google Chrome app has spread across millions of people in the last few weeks, as revealed by researchers. The fake application is used as a hybrid cyberattack campaign which leads to stealing important data through phishing.
How did it all start?
The researchers at Pradeo revealed that the attack started with the basic smishing gambit. The victim will receive an SMS that will ask for a custom fee to get a package delivery. If they have believed it to be true and clicked on the message, a message will appear specifying to update the Chrome app. If they agree to it, they will proceed to the malicious site responsible for hosting the app. In reality, you are downloading the malware on your phone by yourself.
Attracting your credit card details
After the above procedure, you will be taken to the phishing page closing the social engineering loop. A small amount will be asked from you, and you have to pay that. But the reason behind this is to attract your credit card details. The security solutions’ senior manager, Hank Schless, stated cyber terrorists are aware that individuals are accustomed to receiving alerts on every type of their smartphones or tablets.
So, they take full advantage of the familiarity to attract mobile users and convince them to download unwanted or malicious applications masked as legitimate ones.
How do phishing activities take place?
As a result, the attackers combine phishing techniques with the apps to bypass all security solutions, as revealed by Pradeo researchers. It can work on a basic level but can cause huge damage. All techniques used in preparing the malware are not at all advanced. But many basic things are included together to create a campaign that’s hard to detect. It spreads fastest and tricks a large section of users. It came to light after many European countries observed the threat. The rate at which it is propagating can go beyond the initial geography.
Viral propagation through fake chrome app
It is used as a propagation method, and after installation, it sends around 2000 messages per week to infect devices. So, all systems containing malware will send 300 messages every day. Once a person falls into the trap, it multiplies the propagation.
Using a Virtual Private Network
Do not delay and opt for a VPN connection so you can save yourself from falling into such traps. Privacyenbescherming is a suitable VPN solution that you can use to ensure security.