WhatsApp scam alert! How fake e-Challan messages are targeting users
Cybersecurity firm CloudSEK has reported a new scam involving WhatsApp e-Challan messages and malware named 'Maorrisbot.' This sophisticated phishing attempt, reportedly backed by Vietnamese hackers, is targeting Android users in India. The scam involves sending fake traffic e-Challan messages impersonating agencies such as Parivahan Sewa or Karnataka Police. Notably, there have been no reported impacts on iOS or other Apple devices.
'Maorrisbot' malware scam: How it operates
The scam operates by urging recipients to pay a traffic violation fine through a provided URL or an attached APK file in the fake e-Challan messages. Once clicked or installed, the 'Maorrisbot' malware is downloaded onto their device, disguised as a legitimate application. The malware then requests multiple permissions, including access to contacts, SMS, phone calls, and default messaging app status. If granted, it intercepts OTPs and other sensitive messages enabling scammers to access victims' e-commerce accounts undetected.
Hackers' origin and scam's impact on users
The hackers behind this scam are said to be based in Vietnam's Bac Giang Province. They use proxy IPs and maintain a low transaction profile to avoid detection. The malware has so far compromised 4,451 devices, resulting in the theft of over ₹16 lakh using 271 unique gift cards. Gujarat and Karnataka have been identified as the most affected regions in India by this scam.
How to protect against malware?
Android users are suggested to take several precautions in order to protect against this threat. These include using reputable antivirus and anti-malware software, regularly reviewing and limiting app permissions, and installing apps only from reliable sources. Users are also advised to be vigilant about unexpected or suspicious text messages and links, keep their device's software up-to-date, and set up notifications to track activities related to banking and other sensitive accounts.
