500,000+ Smartphones Hacked through SMS Malware

Security concept: Malware on smartphone

Have you received a strange text lately that just didn’t look or feel right? It could have been an attempt to infect your smartphone with malware.

New reports show more than 541,000 Android smartphones have been hacked through a particularly vengeful form of malware. The malware in question grants the perpetrator the right to access any information on a person’s phone. This includes bank passwords sent through text messages for security purposes.

“People would receive different messages saying something like: ‘Hey, this is my fresh set of photos. Please download it.’ And it turns out that just that it’s a piece of malware,” said Nikita Kislitsin from the botnet intelligence sector at Group-IB.

This malware is not just coming from text messages. The creators of the malware have made rogue software updates that look like they come from familiar apps and plugins. When someone chooses to download the update, the malware comes right along with it.

Smartphones in Russia are more vulnerable than others because 90% of banks in this country use SMS messages to deliver information to their patrons.

“They’ll look in your messages for SMS from your bank to find out how rich you are,” said Kislitsin. “Mostly, you can find the information about your balance on your banking account and based on this information they can conclude how interesting you are.”

There may not be much you can do to avoid malware like this, other than being very careful with what you download on your phone. Even then, hackers have become sophisticated enough to convince most everyone they are operating through an innocent update. You may want to tell your bank not to send any account information through text messages, and monitor your accounts closely.

About John Oldshue

John Oldshue is the creator of SaveOnPhone.com. He worked for over 15 years in television and won an Emmy award for his reporting. He covers long distance and cell phone topics for SaveOnPhone.