The report added additional examples of the URLs: “In the original download request which we observed in Zscaler cloud, the user-agent string was: WhatsApp/2.21.4.22 which indicated to us that the link was clicked by the user in a WhatsApp message,” according to the analysis. The link leads to a Weebly-hosted site controlled by the cybercriminals, it explained. Threat actors blast out an SMS or WhatsApp message to numbers on the Jio network with the phishing lure message and a link to take advantage of the fraudulent offer, the report showed. Victims are told to share the fake TikTok app via WhatsApp – once it’s shared 10 times, the ads start. He added that the Zscaler team observed more than 200 malicious Android apps using “themes related to current affairs in India.” Targeted but widespread: Jio telecom serves more than half of India’s internet subscribers, which according to a March 2020 report from the Indian Telecom Regulatory Authority topped 743 million people. “The attack campaign is fairly targeted and leverages trusted resources like Weebly and GitHub for distributing the malicious content to the victims.” it follows common methods of persistence, and propagation using victim’s contact information,” Deepen Desai, Zscaler CISO, told Threatpost. “The malware involved has features that are also commonly found in other families as well, e.g. Another scam misleads victims into thinking they’re eligible for a free Lenovo laptop courtesy of the Indian government. Their most recent socially engineered messages try to convince users to download their fake version of TikTok by saying the app, which is banned in India, is now available, the report found. Researchers from Zscaler report this threat actor has been operating various phishing scams since March 2020, all using recent headlines as lures.
Malicious Android apps disguised as TikTok and offers for free Lenovo laptops are being used in ad-stuffing attacks underway against devices on the Jio telecom network in India, security researchers warn.
0 kommentar(er)
