Clicking these texts allows devious malware to take over your phone

/in


Text messages have not gone out of fashion. While platforms like WhatsApp and Telegram have exploded in use, 2.1 trillion text messages were still sent in 2020. Facebook Messenger is also a popular choice, and the company recently introduced end-to-end encryption.

Unfortunately, text messages are also popular with cybercriminals. Constantly developed to infect as many devices as possible, malware hiding in texts is an ever-growing concern.

While they come in different forms, an old trick has been re-engineered to cause financial havoc. Read on to see how malicious text messages can install money-grabbing malware.

Here’s the backstory

Medusa malware made its first appearance in July 2020, sparking concern with its ability to infect devices rapidly. The malware is also known as Tanglebot and is spread through text messages containing malicious links. If the malware infects your device, crooks can steal data and even take over your phone. 

ThreatFabric researchers noticed a development change in the current version, making Medusa even more dangerous. In addition to the regular reading of text messages and accessing your contacts, it can now steal your money too. It’s a dangerous banking trojan that you need to keep off your gadget.

This particular scam combines SMS (short message service or text messages) and phishing and is known as smishing. These attacks attempt to gain your trust by imitating brands and companies you know or support.

The malware performs fraudulent actions either through a keylogger or by taking control of your device’s clipboard. And it isn’t easy to spot. Built into the malware’s code are instructions for evading antivirus detection and preventing the installation of apps that will detect it.

According to ThreatFabric, here’s how the scheme works: you receive a message via text that contains malicious links. Scammers pretend to have information on a delivery or an app that needs an immediate update. But the link leads to a malicious download that will infect your device with malware.

Once…

Source…