SMS Trojan FakeInst Targets Users in 66 Countries

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

The Trojan was first spotted in February 2013 and over a dozen new versions have been released since then.

The first variants were only designed to send SMSs to premium rate numbers in Russia. However, cybercriminals kept adding more and more countries to the list, until they reached 66.

While most of the infections have been observed in Russia and Canada, countries like the US, Germany, Lithuania, France, Finland, Norway, Ukraine, the UK, Malaysia, Hungary, Switzerland, Indonesia, Spain, Israel, Portugal, Ireland, China, the Czech Republic, the Netherlands, New Zealand, and Brazil are also impacted.

Cybercriminals distribute the Trojan by disguising it as an app that allegedly allows users to access adult videos.

The configuration file contains a list of phone numbers and prefixes. Based on the victim’s location, messages are sent from the infected devices to premium rate numbers. For each message, victims are charged around $2 (€1.5).

In addition to sending SMSs, the malware is also capable of intercepting incoming text messages.

Experts believe the threat has been developed by Russian-speaking cybercriminals.

The following two tabs change content below.

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

Leave a Reply