Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore a comprehensive security research presentation that exposes a sophisticated voice phishing operation targeting smartphone users through malicious apps disguised as legitimate financial and vaccine applications. Discover how this attack group, active since late 2021, employs a multi-stage infection process beginning with deceptive advertisements or text messages promising low-interest loans or government subsidies to lure victims. Learn about the technical mechanics of their two-app deployment strategy, where an initial financial app installs a secondary vaccine app that intercepts phone calls, manipulates call screens and logs, and enables remote control capabilities for conducting voice phishing attacks. Examine the evolution of this threat landscape, including the recent 2024 development where the secondary malicious app was split into separate main and call components to enhance operational effectiveness. Gain insights from a year-long tracking and analysis effort conducted by security researchers from the Financial Security Institute, covering the malicious apps' functionality, the group's infrastructure, attack vectors, victim monitoring techniques, data exfiltration methods, and emerging trends in mobile-based voice phishing campaigns.
