An old acquaintance of Android users has returned to show up and it seems that it is even more dangerous than before: we are talking about FakeSpy, a malware discovered for the first time by security researchers almost three years ago.
It is a rather unpleasant malware, as it is designed to steal text messages, financial data, bank login information, app data, a user’s contact lists, and other information.
If its initial version was mainly aimed at users in South Korea and Japan, this new incarnation of it is much more ambitious, as it tries to hit without territorial limits (among the countries with more cases we find China, France, Germany, the United Kingdom, and the United States).
How FakeSpy spreads
According to sources, the operation of this malware is quite simple: the victim receives an SMS that appears to come from a local post office, informing her of an attempt to deliver a failed package and inviting her to click on a link that, however, will start the download of a malicious app.
Once installed this app, in fact, will send the fake SMS with the malicious link to all the contacts of the victim. To avoid nasty surprises, the advice is always the same, that is, pay close attention to all messages received from “unusual” senders.