Android warning: Vicious new attack uses Chrome to steal all of your personal photos

We use your sign-up to provide content in ways you’ve consented to and to improve our understanding of you. This may include adverts from us and 3rd parties based on our understanding. You can unsubscribe at any time. More info

There’s another new Android scam to be on the lookout for and this time cyber thieves want full access to your photo library. This latest smishing attack starts with a simple text message that suggests a parcel has been sent to the recipient but not delivered. This is then followed by a link that takes the victim to a fake download page where they are urged to download apps such as Chrome or the delivery firm’s Android application.

Once installed, the fake apps then set about installing the nasty Roaming Mantis malware which can end up wreaking havoc on devices and hand very personal files over to the hackers.

Unlike some attacks – which try and gain access to banking information – this latest threat heads straight for your photo album with it fully capable of downloading every single one of your images and albums.

The security team at Kaspersky, who first spotted the scam, say that hackers can then use these images for huge financial gain.

Along with many users storing photos of such as passports and bank card details there’s also the opportunity to extort money from the victim should they have more X-rated images stored on their devices.

Nearby Share: Android explain how users can use new feature

“Criminals have two aims in mind,” explained Kaspersky.

“One possible scenario is that the criminals steal details from such things as driver’s licenses, health insurance cards or bank cards, to sign up for contracts with QR code payment services or mobile payment services. The criminals are also able to use stolen photos to get money in other ways, such as blackmail or sextortion.”

Roaming Mantis isn’t anything new with it first spotted in parts of Asia back in 2018.

However, this new warning has been issued as it now appears to be spreading rapidly across Europe with France and Germany currently the worst affected regions.

If you’re wondering if these types of attacks really work then the answer is resounding yes.

Kaspersky has issued data on how many times the fake apps have been downloaded and it appears thousands are being duped every day.

In fact, the infected version of Chrome has now been installed over 65,000 times in France alone.

Speaking about this new threat, Kaspersky said: “It has been almost four years since Kaspersky first observed the Roaming Mantis campaign. Since then, the criminal group has continued its attack activities by using various malware families.

“In addition, the group has now expanded its geography, adding two European countries to its main target regions. We predict these attacks will continue in 2022 because of the strong financial motivation.”

The advice is clear, delete any text messages if you are unsure where they have originated from and don’t download any applications unless you are sure they are from an official source.

Source: Read Full Article