Researchers published a new advisory regarding a current campaign by an Android malware called SMSFactory. The malware operators compromise their victim’s status by subscribing them to premium services without their consent.
The malware has already compromised over 170,000 Avast clients, with victims originating most of the victims were in Russia, Ukraine, Turkey, Brazil, and Argentina.
The purpose of the malware is to disseminate premium text messages and make calls to premium phone numbers. The operators can also steal the contact lists of the infected device to propagate their malware for future use and distribution of threats.
Different methods are also applied to spread the malware, such as malvertisements, promotional pop-ups, adult content access, push notifications, and videos offering cheats and hacks for games.
The APK packages consisting of the malware are being kept on unofficial app stores such as PaidAPKFree, and APKMods. These app stores do not have proper security policies and lack vetting for their offered products.
The operators of the SMSFactory will bet on its target’s irresponsibility to strengthen their infection.
Based on reports, the infectious apps from the SMSFactory have no designated name or icon for themselves. After completing the download, it also removes its app icon from the screen. However, the app icon’s removal from the screen is a strategy that will bet on the user’s inattentiveness, thinking that the app is not being successfully downloaded.
The malicious APK comes under several names and attempts to put itself on the targeted device. Fortunately, a warning is revealed by Play Protect, enlightening the users about the security risk from a corrupted file.
Upon installation of the malicious apps, the requested permission includes access to mobile data, managing overlay, sending SMS, wake lock, screen control, vibrate, and the ability to initiate phone calls.
As of now, SMSFactory is spreading rapidly, and Android users are suggested to be constantly vigilant. They are advised to download applications only from authentic and official app stores.
Experts stress that users should use a minimum number of applications since most apps are useless after a specific purpose is already accomplished.
