1,000 Apps Used in Malicious Campaign Targeting Android Users in India
Briefly

Mobile security firm Zimperium has reported a major malicious campaign named FatBoyPanel targeting Android users in India, using over 1,000 malicious applications to steal personal and banking data. Unusually, this campaign steals one-time passwords (OTPs) by redirecting SMS messages using real phone numbers rather than standard command-and-control servers. A coordinated attack by a single threat actor, the campaign has compromised an estimated 50,000 users and uses platforms like WhatsApp to distribute malware disguised as legitimate apps.
The malware exploits SMS permissions to intercept and exfiltrate messages, including OTPs, facilitating unauthorized transactions. It also employs stealth techniques to hide its icon and resist uninstallation, ensuring persistence on compromised devices.
Analysis of the collected samples reveals shared code structures, user interface elements, and app logos, suggesting a coordinated effort by a single threat actor targeting mobile devices running the Android OS.
Read at SecurityWeek