Security

Social engineering attacks lure Indian users to install Android banking trojans

Microsoft has observed ongoing activity from mobile banking trojan campaigns targeting users in India with social media messages designed to steal users’ information for financial fraud. Using social media platforms like WhatsApp and Telegram, attackers are sending messages designed to lure users into installing a malicious app on their mobile device by impersonating legitimate organizations, such as banks, government services, and utilities. Once installed, these fraudulent apps exfiltrate various types of sensitive information from users, which can include personal information, banking details, payment card information, account credentials, and more.

REFERENCE:
https://www.microsoft.com/en-us/security/blog/2023/11/20/social-engineering-attacks-lure-indian-users-to-install-android-banking-trojans/
TARGETED COUNTRY:
ATT&CK IDS:
T1053 – Scheduled Task/JobT1027 – Obfuscated Files or InformationT1564 – Hide ArtifactsT1056 – Input CaptureT1454 – Malicious SMS MessageT1041 – Exfiltration Over C2 Channel