Get Help Now

Get expert threat analysis weekly. Sign up to receive our Threat Briefing:


    Special Alert

    Android and iPhone Malware Advisory


    Bleeping Computer has reported an increase presence of Android/iPhone malware, normally delivered by SMS phishing campaigns. Notable malware strand, Roaming Mantis, has been seen active in Germany, Taiwan, South Korea, Japan, the US, the U.K. and most recently France. 

    Many other strains have been observed as well, including Autolycos, a ‘fleeceware’ variant which masquerades as different apps on the Google Play store and has been downloaded over three million times. Additionally, Microsoft has detected a Toll fraud malware that stealthily drains victim bank accounts with malicious transactions.

    Potential Impact

    Some of these malware strains have post-exploitation actions like setting up automatic subscriptions to illegitimate products, or SMS spamming contacts found in the phone’s directory.  These actions can increase in maliciousness, however, allowing attackers to obtain remote access, steal sensitive information, and compromise credentials.

    Recommended Actions

    Most Android/iPhone malware is delivered via SMS phishing (often referred to as smishing) or malicious applications available on the Google Play or Apple store, although this is not an exhaustive list. Due to these two initial compromise avenues, organizations can introduce effective countermeasures to prevent these types of compromises. The primary approach is to implement informed security awareness training for employees. All employees must be trained to identify SMS phishing messages and act accordingly (I.E., delete the message and block the sender). Additional training urging users to only download legitimate applications available on their respective app stores can be an effective approach as well.

    Lastly, many iPhone malware strands will redirect users to fraudulent Apple login pages in an attempt to steal credentials. Users should be trained to be attentive to possible phishing websites.

    As Android/iPhone malware increases in its sophistication and prevalence across the globe, organizations should be aware of this attack vector and train users accordingly.

    Request Consultation

    For more information, fill out the form below and we will be in touch shortly

      Number of Employees - select one:
      Industry - select one:

      For strategic clients, your vCISO will add this to your next Office Hours for further discussion. However, if you have an immediate need, concern, or question, please reach out to them directly.

      For non-strategic clients, please reach out to your Advisor for further discussion.

      For those not yet clients of GreyCastle Security, please click the “Contact Us” button below and we’ll be glad to provide assistance as well as answer any questions you might have.

      Let’s Discuss Your Cybersecurity Needs

      Contact Us
      Privacy Settings
      We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
      Consent to display content from - Youtube
      Consent to display content from - Vimeo
      Google Maps
      Consent to display content from - Google
      Consent to display content from - Spotify
      Sound Cloud
      Consent to display content from - Sound
      Contact Us