JAKARTA - Senior Malware Researcher for Kaspersky's Global Analysis Research Team, Suguru Ishimaru, discovered the threat of mobile banking Trojans in the Asia Pacific region.
The perpetrators of the threat were Anubis and Roaming Mantis. Both groups carried out a malicious campaign that targeted Android devices and spread mobile malware initially via DNS hijacking and now through smishing.
Kaspersky experts have tracked its operations since 2018 and detected nearly half a million attacks in Asia Pacific from 2021 to the first half of 2022. Most of the malware has been successfully blocked by Kaspersky in Russia, Japan, South Korea, India and China.
Ishimaru also underlined that while cybercriminal groups are known to target Android devices, the latest Roaming Mantis campaign actually shows interest in iOS users.
It uses the same technique as Anubis, which sends a smishing message (SMS phishing) targeting iOS users containing a very short description and URL to a landing page.
If the user clicks on the link and opens the landing page, there are two scenarios: iOS users are redirected to a phishing page impersonating Apple's official website, while the Wroba malware is downloaded on an Android device.
If the victim enters his/her credentials into the phishing website, then the victim will proceed to the 2FA (two-factor authentication) phishing site. This allows attackers to know the user's device, credentials, and 2FA code.
SEE ALSO:
"There is an assumption that iOS is a more secure operating system. However, we have to consider two things, namely the increasing sophistication of the social engineering techniques of mobile bankers and malware warehouses and the possibility of human error," explained Ishimaru.
According to him, awareness of the high percentage of digital payments in Asia Pacific (63%) using online financial transactions via mobile devices is no longer enough.
“Protecting smartphones is a step that everyone should take right now,” added Ishimaru.
To that end, Kaspersky experts suggest two layers of protection for smartphones as follows:
Basic security
- Keep phone updated and install the latest patches
- Reboot (reboot) regularly every day
- DO NOT trust third party apps and mobile configuration
- NEVER click on a link sent via SMS
- Install a security solution like Kaspersky Total Security
Reliable protection
- Use a VPN to mask your traffic
- Check live network traffic using live Indicator of Compromise
- Use Lockdown Mode for iOS 16 users
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)