Chinese trojan detected spreading through fake base stations

[CrAKeN]

 

The interestingly named "Swearing Trojan" appears to be using fake mobile base stations in China to send phishing SMS messages to fool victims.

 

If you're heading to China, you may want to watch out for legit-looking SMS messages from local carriers China Mobile and China Telecom.

 

That's because the group behind the banking malware known as "Swearing Trojan" has been using fake mobile stations to masquerade as a real carrier and send phishing SMS messages that trick you into clicking on a malicious URL, according to security research group Check Point.

 

While there have been reports that the authors behind the malware have been arrested, Check Point said it is still detecting the spread of the malware. Once installed, Screaming Trojan intercepts your bank's 2FA passwords, giving the malware authors access to your bank account.

 

Besides fake mobile base stations, the malware also propagates via your contact lists, using seemingly real messages to get other victims to download the malware or fake "nude celebrity" scams to get victims to click on a malicious URL.

 

Source