* LASN_picture_logo.jpg

 

Locks and Security News: your weekly locks and security industry newsletter
11th September 2024 Issue no. 720

Your industry news - first

 

We strongly recommend viewing Locks and Security News full size in your web browser. Click our masthead above to visit our website version.

 

Search
English French Spanish Italian German Dutch Russian Mandarin


Zimperium uncovers sophisticated SMS Stealer campaign

Zimperium has announced the discovery of a new and potent threat identified as the SMS Stealer. This malicious software, uncovered by Zimperium's zLabs team during routine malware analysis, has been identified in over 105,000 samples, across more than 600 global brands, highlighting its extensive reach and significant risks, including account takeovers and identity theft.

The SMS Stealer threat, first identified in 2022, uses fake ads and Telegram bots posing as legitimate services to trick victims into gaining access to their SMS messages. Once access is granted, the malware connects to one of its 13 Command and Control (C&C) servers, confirms its status, and begins transmitting stolen SMS messages, including one-time passwords (OTPs).

OTPs are designed to add an extra layer of security to online accounts, particularly for enterprises controlling access to sensitive data. However, the SMS Stealer’s ability to intercept OTPs undermines this security feature, giving bad actors the means to gain control of victims’ accounts. The malware associated with SMS Stealer remains hidden, allowing for continuous attacks.  

The Impact of SMS Stealer:

“The SMS Stealer represents a significant evolution in mobile threats, highlighting the critical need for robust security measures and vigilant monitoring of application permissions,” said Nico Chiaraviglio, Chief Scientist at Zimperium.  “As threat actors continue to innovate, the mobile security community must adapt and respond to these challenges to protect user identities and maintain the integrity of digital services.”

More details on SMS Stealer here

7th August 2024




© Locks and Security News 2024.
Subscribe | Unsubscribe | Hall of Fame | Cookies | Sitemap