A dangerous and powerful Android malware is back after three years. This malware is capable of stealing users’ banking details and personal information. The malware, called Fakesky, was spotted in October 2017, targeting people in Japan and South Korea.
But now Cybereason Nocturnus Research has learned that Faxi is targeting users around the world. The malware is attacking China, Taiwan, France, Switzerland, Germany, the United Kingdom, the United States and other countries.
At the moment, this malware is defrauding users by sending messages as a postal service application. In fact, even this time, this malware is on users’ bank accounts. According to the report, this malware is targeting users through Smishing or SMS-Phishing Attack. It sends an SMS asking users to download the app. Which tells them to download an app.
Once it opens a virus-infected application, it asks users for two permissions. With the first permission, it can read the messages coming on the device, and with the help of the second, it is working in the background even when the device is locked.
After receiving permission, they steal your important information such as your phone number, device model, OS version of the telecom provider, banking details, IMEI number, and IMSI number. Researchers believe that the Chinese group Roming Mantis is working behind it.
The researchers said, “Our analysis shows that FakeSpy is a Chinese speaking group behind malware, commonly known as roaming mantis.” This is a group that has been known to launch similar campaigns in the past.