Both Android and iOS users must be wary of these malicious codes
Besides the Android platform, recent campaigns of cybercriminals have also begun to attack iOS users.
Against the backdrop of the growing use of mobile banking in the Asia-Pacific (APAC) region, global cybersecurity company Kaspersky warns of more attacks targeting Android and iOS devices .
At the 8th Kaspersky Cyber Security Weekend event, Mr. Suguru Ishimaru - senior malware researcher of the Global Research and Analysis Group (GReAT) at Kaspersky, answered the question: “What is it? What would happen without smart mobile devices?”. Through sharing the fact that users cannot live without mobile devices, he provides analysis of the latest malware targeting users in APAC: Anubis and Roaming Mantis.
Malware is increasingly threatening the finances of mobile users. (Illustration)
Anubis: Combination of mobile banking trojan and ransomware
Mobile banking Trojans are among the most dangerous types of malware. They can steal money from users' bank accounts by disguising themselves as legitimate apps to trick users into installing malware. Active monitoring from Kaspersky shows that the Anubis trojan is currently a combination of a mobile banking trojan and features of ransomware on smart mobile devices.
Anubis is a mobile banking trojan targeting Android devices since 2017. Users in Russia, Turkey, India, China, Colombia, France, Germany, USA, Denmark and Vietnam were targeted by the campaign. this scam. According to the latest Kaspersky statistics, in the second quarter of 2022, 10.48% of Kaspersky users globally have faced Anubis.
The initial infection is carried out through various ways such as malwares with a trusted look and a high rating on Google Play, phishing messages sent via SMS and another mobile banking trojan - Bian malware.
Once infiltrated, malicious code can completely take control of the device. They will steal personal information and user identities, access private messages, login information, recordings, GPS location or turn off Play Protect feature, lock the device's screen, ...
Anubis is known for its ability to compromise hundreds of bank customers in each campaign, proving it to be one of the most active malware targeting Android users, said Suguru Ishimaru. Currently.
“Our recent findings suggest that the cybercriminals behind this threat have begun to carry out ransom acts. If tweaking the working mechanism works, chances are other scam groups will copy this method. Therefore, I see that similar attacks will appear more in APAC, stemming from the strong financial motivation of cybercriminals,” he warned.
Threat to Android and iOS users: Roaming Mantis
Roaming Mantis is another common threat targeting mobile banking users globally. This group carries out campaigns targeting Android devices and spreading malware on mobile devices, initially through DNS hijacking and now through SMS phishing.
Kaspersky experts have been monitoring the activity of this threat since 2018 and detected nearly half a million attacks on APAC users between 2021 and the first half of 2022. Most of the malware infects people. Kaspersky users in Russia, Japan, Korea, India and China have all been blocked.
Mr. Ishimaru emphasized that, besides the Android platform, the recent campaigns of Roaming Mantis also began to attack iOS users.
Using the same method, they send iOS users engaging messages with a brief description and a link (URL) to the landing page. When iOS users click on the link and open the landing page, they are redirected to a phishing page masquerading as the official Apple website . For Android users, the Wroba malware is also downloaded onto the device.
If a victim enters credentials into a phishing site, they will be directed to a two-factor authentication (2FA) phishing page, which in turn allows attackers to identify the user's device. , login information, and two-factor authentication code.
“There is a view that iOS is a more secure operating system. However, we need to take into account factors such as the increasing complexity of non-technical attacks, the variety of malware types, and the human factor. Both Anubis and Roaming Mantis require user involvement before they can take control of the device. With 63% of digital payments and financial transactions in APAC being done online via mobile devices, awareness alone is not enough. Everyone should protect their phones now," said Mr. Ishimaru.
Therefore, experts at Kaspersky recommend:
Basic security:
- Keep your phone up to date and install the latest patches.
- Restart daily.
- Don't trust third-party apps and mobileconfig.
- Do not click on links sent via SMS.
- Install a security solution, such as Kaspersky Total Security.
Advanced Security:
- Use VPN to hide traffic.
- Check real-time network traffic with Indicator of Compromise (extract system attack traces).
- Use Lockdown mode for iOS 16 users.
- Data Center Network Security | Next Generation Firewall
- Help Protect Your Digital Assets Against Cyber Threats Network Security
- Network Security Software | Search Learn more Security NET
- Spam filter, Antivirus software, Proxy server | Network access control (NAC)
- Review and analysis Managed Application Support Services for AWS
Operate and exploit advertising by iCOMM Vietnam Media and Technology Joint Stock Company.
116 Thai Ha, Trung Liet Ward, Dong Da District, Hanoi.
Email: info@more.edu.vn
Editor in chief: Tran Vo
Tel: (+84) 903076053/7 Fax: (+84) 903030935