The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: Roaming Mantis

'Roaming Mantis' Android Malware Targeting Europeans via Smishing Campaigns

'Roaming Mantis' Android Malware Targeting Europeans via Smishing Campaigns

February 08, 2022Ravie Lakshmanan
A financially motivated campaign that targets Android devices and spreads mobile malware via SMS phishing techniques since at least 2018 has spread its tentacles to strike victims located in France and  Germany  for the first time. Dubbed  Roaming Mantis , the latest spate of activities observed in 2021 involve sending fake shipping-related texts containing a URL to a landing page from where Android users are infected with a banking trojan known as Wroba whereas iPhone users are redirected to a phishing page that masquerades as the official Apple website. The top affected countries, based on telemetry data gathered by Kaspersky between July 2021 and January 2022, are France, Japan, India, China, Germany, and Korea. Also tracked under the names  MoqHao  and XLoader (not to be confused with the info-stealer malware of the same name  targeting Windows and macOS ), the group's activity has continued to expand geographically even as the operators broadened their attack methods to m
DNS-Hijacking Malware Targeting iOS, Android and Desktop Users Worldwide

DNS-Hijacking Malware Targeting iOS, Android and Desktop Users Worldwide

May 21, 2018Swati Khandelwal
Widespread routers' DNS hijacking malware that recently found targeting Android devices has now been upgraded its capabilities to target iOS devices as well as desktop users. Dubbed Roaming Mantis , the malware was initially found hijacking Internet routers last month to distribute Android banking malware designed to steal users' login credentials and the secret code for two-factor authentication. According to security researchers at Kaspersky Lab s, the criminal group behind the Roaming Mantis campaign has broadened their targets by adding phishing attacks for iOS devices, and cryptocurrency mining script for PC users. Moreover, while the initial attacks were designed to target users from South East Asia–including South Korea, China Bangladesh, and Japan–the new campaign now support 27 languages to expand its operations to infect people across Europe and the Middle East. How the Roaming Mantis Malware Works Similar to the previous version, the new Roaming Mantis
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.