An Android malware first detected a few years ago has since proliferated and has spread across multiple continents. The malware, named FakeSpy, is designed to steal financial data from its victim’s phone and seems to have found success in Europe, Asia, and the U.S.
The app isn’t available on the Google Play Store so it gets on victim’s phones via smishing, SMS phishing messages. These messages often impersonate existing delivery and shipping companies such as the USPS and DHL. The messages often say a package was not delivered and provide a link promising more information. That link usually asks victim to download an app to get more details about shipments and packages — that app is the FakeSpy app.
From there, the app asks for a wide variety of permissions allowing it to read your SMS messages, run in the background, and steal data tied to any banking apps you may have.
Security researchers have found that the app continues to evolve and update, which suggests that the app is serving the hackers well enough to warrant the work.
To avoid succumbing to this malware, never download or install an app outside of the official store and be careful when responding to SMS messages that claim to be an official brand or company.
To learn more, check out CyberReason’s full breakdown on FakeSpy.