A new variant of the sophisticated attacker tool gives cybercriminals even more control over victim devices to conduct various malicious activities, including fraud and cyber espionage.

A new variant of sophisticated malware that helps attackers carry out advanced voice and mobile phishing (aka vishing and mishing) attacks against Android users has gained new capabilities that extend attackers' control over compromised devices, enabling further malicious activities.

FakeCall, malware that has been tracked by various research groups since at least 2022, conducts the attacks by tricking victims into calling fraudulent phone numbers controlled by the attacker, and then imitating a typical conversation with bank employees or other entities, with the aim of defrauding the user in some way.

FakeCall’s capabilities have historically rested on its design for communicating with an attacker-controlled command-and-control (C2) server, which enables it to execute a range of actions aimed at deceiving the end user. In addition to letting attackers control a person’s phone calls, it also lets them obtain various permissions on Android devices for other malicious activity...