Newsletter
Folks over at Zimperium discovered a massive SMS stealer campaign That SMS stealer campaign affected Android devices in 113 countries, and we’ve asked Google for a comment before reporting on it.
Google offered up a response to a massive Android SMS stealer campaign
The company behind Android did offer up a comment, and it’s good news. Well, it’s good news for those of you who use a smartphone with Google Services, as you’re protected by default in this case, it seems.
A Google spokesperson told us the following: “Android users are automatically protected against known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services. Google Play Protect can warn users or block apps known to exhibit malicious behavior, even when those apps come from sources outside of Play.”
So, Google Play Protect does protect against the known versions of this malware. As long as you didn’t disable it (as it’s on by default), you’re good to go. The company’s spokesperson also emphasized the importance of having Google Play Protect enabled.
This SMS-stealing malware managed to steal one-time 2FA passwords for over 600 services
This malware campaign targeted Android devices all over the globe. It utilized thousands of Telegram bots in order to affect them. That SMS-stealing malware also managed to steal one-time 2FA passwords (OTPs) for over 600 services.
Zimperium also reported that the operation used 2,600 Telegram bots in order to promote various Android APKs. They were controlled by 13 command and control (C2) servers.
The vast majority of victims of this malware are located in India and Russia. Brazil, Mexico, and the US also have a significant number of victims, the company said.
The whole point of this malware was to generate income, of course. The vast majority of such scams are motivated by financial gain, and this one is no different.