Tag Archive for: texts

Beware of a new Android threat targeting your photos and texts without even opening them


Another day, another malware threat is trying to get your data. Well, brace yourself, because there’s a virus that’s been around for a while that’s out there that’s gotten even worse. It’s called XLoader, and it’s after your photos and texts on your Android device. Yes, you heard that right. Your precious memories and messages are in danger of being snatched by this malicious software.

 

What is malware?

Malware is technically any software that’s designed to disrupt the system of its intended target. With malware, the person or entity behind the attack can gain access to your data, leak sensitive information, block you out, and take control of other aspects of your privacy and security.

 

MORE: TIPS TO FOLLOW FROM ONE INCREDIBLY COSTLY CONVERSATION WITH CYBERCROOKS

 

What is the XLoader malware strain?

According to McAfee, the XLoader malware — also known as MoqHao — has been around since 2015, targeting Android users in the U.S., Europe, and Asia. Once it’s on your device (which it’s gotten much better at doing), it’s able to run in the background, taking your sensitive data, whether it be photos, text messages, contact lists, hardware details, and more.

 

MORE: BEWARE OF NEW ANDROID MALWARE HIDING IN POPULAR APPS

 

How does XLoader get onto your device?

One of the reasons XLoader is such a major threat is because unlike its previous strains and other malware, it can get on your device that much easier than before. Generally, malware gets onto your device via a phishing scam. However, because people are more skeptical about opening or clicking on suspicious files or links — and because there are integrated apps that help warn you of these files — it’s more difficult for these traditional phishing scams to be effective, but XLoader has gotten clever.

 

First, you receive a text from an unknown sender

Like ordinary malware, XLoader often spreads through malicious links sent via text messages. This is a unique type of phishing scam known as “smishing.” But, scammers are aware that most people don’t click on texts from people they don’t know. So, another way they attempt to be successful at this is by first gaining access to a phone…

Source…

Clicking these texts allows devious malware to take over your phone


Text messages have not gone out of fashion. While platforms like WhatsApp and Telegram have exploded in use, 2.1 trillion text messages were still sent in 2020. Facebook Messenger is also a popular choice, and the company recently introduced end-to-end encryption.

Unfortunately, text messages are also popular with cybercriminals. Constantly developed to infect as many devices as possible, malware hiding in texts is an ever-growing concern.

While they come in different forms, an old trick has been re-engineered to cause financial havoc. Read on to see how malicious text messages can install money-grabbing malware.

Here’s the backstory

Medusa malware made its first appearance in July 2020, sparking concern with its ability to infect devices rapidly. The malware is also known as Tanglebot and is spread through text messages containing malicious links. If the malware infects your device, crooks can steal data and even take over your phone. 

ThreatFabric researchers noticed a development change in the current version, making Medusa even more dangerous. In addition to the regular reading of text messages and accessing your contacts, it can now steal your money too. It’s a dangerous banking trojan that you need to keep off your gadget.

This particular scam combines SMS (short message service or text messages) and phishing and is known as smishing. These attacks attempt to gain your trust by imitating brands and companies you know or support.

The malware performs fraudulent actions either through a keylogger or by taking control of your device’s clipboard. And it isn’t easy to spot. Built into the malware’s code are instructions for evading antivirus detection and preventing the installation of apps that will detect it.

According to ThreatFabric, here’s how the scheme works: you receive a message via text that contains malicious links. Scammers pretend to have information on a delivery or an app that needs an immediate update. But the link leads to a malicious download that will infect your device with malware.

Once…

Source…