Researchers are ringing alarm bells against a new Android application that reportedly tricks users into visiting harmful websites.
The app is designed to make unsuspected individuals give away sensitive credentials that are used for logins and in some cases, even forces them to pass on cash.
The news comes to us thanks to Kaspersky which found the app involved in such activity. It was highlighted to entail the Wroba.o Agent malware and distributed it to far-off places, leaving experts stunned.
Whenever this particular application is installed, you’ll be connecting it to Wi-Fi routers that your mobile device is linked to. After that, it will make efforts to utilize a strange username and password combos and those that entail factory settings. In cases when it does succeed, it tends to alter the DNS server into one that’s malicious and that any threat actor has some power over.
This ends up allowing the operators of such malware to redirect all of its users linked to a particular Wi-Fi network, such as those not having any contact with the malware, to touch malicious versions of any popular website there.
In cases when compromised endpoints link to public Wi-Fi connections inside busy cafes, this ‘Roaming Mantis’ could alter the DNS server’s settings inside the router. Therefore, all those other clients trying to connect to Facebook or any other app in that restaurant get redirected to fake pages of the platform.
This is where they can provide more login details to such thieves. While researchers aren’t directly naming such apps, they are claiming that such APKs are getting downloaded around 46,000 times in nations like Japan, Germany, France, South Korea, India, Austria, and Turkey.
At the moment, there have been at least 24,000 downloads, and the nation that’s been affected the most was highlighted to be Japan. This is why experts are raising the alarm against Roaming Mantis so more people get aware.
To help stay protected against the likes of this danger, the best plan of action is to prevent yourself from linking to integral accounts across various public Wi-Fi networks and to stay as aware as possible.
It’s scary how so many people still aren’t aware of the dangers linked to public Wi-Fi and how their data could be accessed in seconds without them even noticing.
Read next: This New Malware Gives Hackers Remote Control Over Devices
The app is designed to make unsuspected individuals give away sensitive credentials that are used for logins and in some cases, even forces them to pass on cash.
The news comes to us thanks to Kaspersky which found the app involved in such activity. It was highlighted to entail the Wroba.o Agent malware and distributed it to far-off places, leaving experts stunned.
Whenever this particular application is installed, you’ll be connecting it to Wi-Fi routers that your mobile device is linked to. After that, it will make efforts to utilize a strange username and password combos and those that entail factory settings. In cases when it does succeed, it tends to alter the DNS server into one that’s malicious and that any threat actor has some power over.
This ends up allowing the operators of such malware to redirect all of its users linked to a particular Wi-Fi network, such as those not having any contact with the malware, to touch malicious versions of any popular website there.
In cases when compromised endpoints link to public Wi-Fi connections inside busy cafes, this ‘Roaming Mantis’ could alter the DNS server’s settings inside the router. Therefore, all those other clients trying to connect to Facebook or any other app in that restaurant get redirected to fake pages of the platform.
This is where they can provide more login details to such thieves. While researchers aren’t directly naming such apps, they are claiming that such APKs are getting downloaded around 46,000 times in nations like Japan, Germany, France, South Korea, India, Austria, and Turkey.
At the moment, there have been at least 24,000 downloads, and the nation that’s been affected the most was highlighted to be Japan. This is why experts are raising the alarm against Roaming Mantis so more people get aware.
To help stay protected against the likes of this danger, the best plan of action is to prevent yourself from linking to integral accounts across various public Wi-Fi networks and to stay as aware as possible.
It’s scary how so many people still aren’t aware of the dangers linked to public Wi-Fi and how their data could be accessed in seconds without them even noticing.
Read next: This New Malware Gives Hackers Remote Control Over Devices