Beware Of This Sinister Android Malware That Steals Money And Wipes Devices
The attacks make use of smishing (SMS phishing) for distribution, deceiving victims into thinking they are installing security tools such as an antivirus app. As typical, once installed on a device the malware will request a wide variety of permissions that gives the attacker wide latitude on the device.
BingoMod has a variety of functions. One such function is key logging, which is used to steal a victim’s credentials to whatever service they happen to log into after being infected. Additionally, it can be used to intercept SMS messages that are often used by banking institutions to deliver second factor authentication codes. Moreover, the attackers using this malware have shown a penchant for wiping devices to cover their tracks, although the malicious software itself can only remotely wipe attached storage devices.
According to the report, it’s “worth mentioning that this sample is in its early stage of development.” This is the silver lining here, as most of the malware's functionality still requires time and attention from the threat actors, lowering the amount of victims impacted. Although with enough development time it’s possible for BingoMod to get to a point where many of the aspects become automated.
As always, users should be mindful whenever installing apps on their devices, as these types of attacks show no signs of slowing down.