Cyber Security News

Cybercriminals Use Fake Apps to Steal Data and Blackmail Users Across Asia’s Mobile Networks

CybersecurityNews
Cybercriminals Use Fake Apps to Steal Data and Blackmail Users Across Asia’s Mobile Networks

Cybersecurity researchers have uncovered a widespread mobile malware campaign called SarangTrap targeting Android and iOS users in South Korea with fake apps to steal personal data. This campaign uses sophisticated social engineering tactics, including fake domains and configuration profiles, to evade detection and conduct data exfiltration. #SarangTrap #AndroidTrojan

Keypoints

  • The SarangTrap campaign targets both Android and iOS platforms using deceptive applications to steal sensitive user information.
  • Malicious Android apps disguise as legitimate apps and request invasive permissions, while iOS apps install configuration profiles to facilitate data theft.
  • Threat actors use invitation codes and C2 servers to activate malware features and avoid detection during scans.
  • Additional campaigns involve fake domains and apps mimicking services like Telegram and banking apps to harvest data and execute remote commands.
  • The cybercriminal ecosystem includes malware-as-a-service kits and markets selling access to compromised devices, making malware distribution more accessible.

Read More: https://thehackernews.com/2025/07/cybercriminals-use-fake-apps-to-steal.html

SHARE THIS STORY

WhatsAppX (Twitter)TelegramBlueskyFacebookLinkedInThreadsEmailPrint