From thehackernews.com
Socially engineered SMS messages are being used to install malware on Android devices as part of a widespread phishing campaign that impersonates the Iranian government and social security services to make away with credit card details and steal funds from victims’ bank accounts.
Unlike other variants of banking malware that bank of overlay attacks to capture sensitive data without the knowledge of the victim, the malicious applications uncovered by Check Point Research are designed to trick the targets into handing over their credit card information by sending them a legitimate-looking SMS message that contains a link, which, when clicked, downloads a malicious app on to their devices.