January 18, 2022
New Remote Access Trojan Smishing Malware Targets Android Devices to Empty Victims' Bank Accounts

Dangerous New Smishing Scheme Drains Victims’ Bank Accounts with just One Phone Call

A new smishing campaign uses remote access Trojan malware to take over victims’ devices and drain their bank accounts with a single phone call…

Cyber-criminals are emptying victims’ bank accounts using a sophisticated smishing fraud scheme that deploys a dangerous remote access Trojan. Once installed, the malicious code goes to work, unpacking itself and taking over victims’ devices without their knowledge. The attackers then use this control to gain access to victims’ money and steal it clandestinely.

This new fraud campaign is especially alarming because it tricks its victims into being willing participants in the scheme. It begins with victims receiving fake but legitimate-looking text messages that ostensibly come from their banking institutions. Like many other smishing frauds, the message contains a link that prompts potential victims to download an anti-spam application. Targets are also informed that a representative from their bank will contact them shortly to walk them through the process. A real person then makes actual contact with the potential victim and uses a number of convincing social engineering techniques to persuade him or her to download the app.

Once the person complies and downloads the app, a comprehensive remote access Trojan goes to work, taking over the individual’s device completely and giving control to the cyber thieves. Once the malware deploys, it can do a number of things, including unlocking a locked screen, disabling Google Play Protect, intercepting text messages, capturing screenshots, faking two-factor authentication, and, of course, mining all sorts of personal data from the compromised device. This is everything the attackers need to access victims’ bank accounts and steal all of their money.

Fortunately, the scam has only been found in two regions, Brazil and Italy. It is also only able to infect Android devices at this time. However, it’s just another example of how ubiquitous threat vectors are in the modern digital world.

William Boleys

Will is an experienced freelance writer who covers a wide range of topics, including apps, social media, and search.
