A new Android malware called SikkahBot is targeting students in Bangladesh by disguising itself as official education applications and using smishing attacks to spread. This malware exploits permissions to conduct banking fraud through automated USSD transactions and information interception. #SikkahBot #BangladeshEducationBoard
Keypoints
- SikkahBot is distributed via shortened URLs and smishing attacks targeting Bangladeshi students.
- The malware requests high-risk Android permissions to monitor and manipulate user activity.
- SikkahBot intercepts SMS messages related to mobile banking services like bKash and Nagad.
- It exploits Accessibility Service to autofill login details and perform offline USSD banking transactions.
- Cybersecurity experts recommend installing apps only from trusted sources and enabling multi-factor authentication.
Read More: https://thecyberexpress.com/sikkahbot-malware-campaign/