"This Malicious App Abused Hacked Devices to Create Fake Accounts on Multiple Platforms"

A malicious Android SMS app found on the Google Play Store has been discovered to stealthily harvest text messages in order to create accounts on a variety of platforms such as Facebook, Google, and WhatsApp. The app, Symoo, had more than 100,000 downloads and served as a relay for messages to a server advertising an account creation service. This is accomplished by using phone numbers associated with infected devices to obtain the one-time password that is typically sent to verify the user when creating new accounts. The malware requests the user's phone number on the first screen, according to security researcher Maxime Ingrao, who discovered the malware. It also requests SMS permissions. Then it pretends to load the application but stays on this page the entire time, in order to hide the interface of the received SMS and prevent the user from seeing the SMS of subscriptions to various services. Amazon, Discord, Facebook, Google, Instagram, KakaoTalk, Microsoft, Nike, Telegram, TikTok, Tinder, Viber, and WhatsApp are among the major services impacted by this operation. This article continues to discuss the malicious app used to harvest text messages to create accounts on a wide range of platforms.

THN reports "This Malicious App Abused Hacked Devices to Create Fake Accounts on Multiple Platforms"