CALIFORNIA: Security experts have identified a new variant of Android malware called MockHow that infects an infected device without any user activity.
In a report published this week, McAfee Labs said that traditional MockHow required users to install and launch it to accomplish its goals. But this new variable doesn’t need any such function. When the app is installed, its malicious activities start automatically.
Android users in France, Germany, India, Japan and South Korea have been targeted in this malware campaign.
MockHao is an Android-based mobile malware allegedly related to Roaming Mantis.
The chain of this cyber attack starts with an SMS containing spoofed links. When the link is clicked from an Android device, the malware redirects the target to information-stealing pages, such as a copy of the Apple iCloud patch if clicked from an iPhone.
The multi-featured MoqHow malware is capable of stealing metadata, contacts, confidential information from SMS messages, calling specific numbers in silent mode, turning off Wi-Fi, etc.
In July 2022, Sequoia details a campaign that hacked at least 70,000 devices in France.