Account empty, device unusable: A new Android malware is drawing attention to itself with this horror scenario. As always, anyone who follows normal security rules should be protected from the “BingoMod” malware. The gateway is an SMS.
It is always astonishing how cybercriminals manage to use nasty malware to trick gullible users. One such malware is currently spreading in the Android ecosystem under the name “BingoMod”. It collects login data, uses it to steal money from accounts, and then tries to prevent countermeasures by deleting the device. The nasty Android malware was discovered according to Bleeping computer by researchers from Cleafy, an online platform for fraud management and prevention.
The makers of “BingoMod” spread these via SMS campaigns. They disguise themselves as messages from typical mobile security apps, but also simply as updates. Cleafy mentions APP Protection, Antivirus Cleanup, Chrome Update, InfoWeb, SicurezzaWeb, WebSecurity, WebsInfo, WebInfo and APKAppScudo.
First of all, the people behind the malware can only get onto the devices if overly gullible users follow the links in the SMS and agree to the installation of a supposed application. In one case, the security researchers encountered a logo for the free AVG AntiVirus & Security Tool during installation. This is followed by a step that is typical for malware: the request to use the “accessibility” features.
If you ignore all of these warning signals, you are defenseless against “BingoMod”. With the “accessibility” rights, the app can read all the login data entered, take screenshots and intercept SMS messages. The app sets up a channel for receiving commands and sending data. The attackers can then use this remote access to completely delete the device.
Digital marketing enthusiast and industry professional in Digital technologies, Technology News, Mobile phones, software, gadgets with vast experience in the tech industry, I have a keen interest in technology, News breaking.