1 min read

Android App in Google Play Store Was Harvesting SMS Messages Helping Criminals Create New Accounts

Silviu STAHIE

December 02, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Android App in Google Play Store Was Harvesting SMS Messages Helping Criminals Create New Accounts

An Android app with over 100.000 downloads on Google Play was secretly harvesting SMS messages so that its operators could secretly create new accounts on various platforms with the victim's phone number.

Numerous online services require a phone number to set up, which makes them a desirable product for people who don't have a phone number or don't want to use their own number. Either way, this limitation spawned services that offer you new accounts to people with no phone numbers.

But those accounts still need to be set up with a phone number, so intermediaries have to resort to all types of illegal activities, such as harvesting legitimate phone numbers and setting up accounts without ever telling the owners of said phone numbers.

Security researcher Maxime Ingrao found that India's number one SMS app secretly collected SMS data, sending it to a remote server. The goal was to intercept users' confirmation SMS when making a new account.

"The malware asks the phone number of the user in the first screen," said the security researcher. "Then it pretends to load the application but remains all the time on this page, it is to hide the interface of the received sms and that the user does not see the sms of subscriptions to the various services."

"The malware sends data to the domain goomy[dot]fun; looking at VirusTotal, we can see that this domain was used by an application called VirtualNumber which has been removed from the Play Store," the researcher added.

He also noticed that the same developer had another app on the Play Store, ActivationPW, which used the activation[.]pw domain, the same one selling new accounts.

Google removed the apps from the store and banned the developers, but it's likely that other similar operations still exist.

tags


Author



Right now

Top posts

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

January 26, 2023

2 min read
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

January 19, 2023

4 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

More than 50,000 People Affected by US Cellular Data Breach; Leaked Info Hits the Internet More than 50,000 People Affected by US Cellular Data Breach; Leaked Info Hits the Internet
Silviu STAHIE

February 08, 2023

1 min read
Russian Threat Actor Targets Ukraine Ministry and Polish Police in Similar Campaigns Russian Threat Actor Targets Ukraine Ministry and Polish Police in Similar Campaigns
Silviu STAHIE

February 06, 2023

1 min read
U.S. Department of Health and Human Services Hits ‘Banner Health’ with $1.25 Million Fine U.S. Department of Health and Human Services Hits ‘Banner Health’ with $1.25 Million Fine
Silviu STAHIE

February 03, 2023

1 min read