Home Latest News Beware of the Latest Fake SMS Malware for Registration of Covid-19 Vaccination in India

Beware of the Latest Fake SMS Malware for Registration of Covid-19 Vaccination in India

by CISOCONNECT Bureau

A new Android infection malware is spreading via SMS by tricking people into clicking on a URL that appears to be a free registration website for Covid-19 vaccine.

Scammers are preying on gullible residents in India due to a lack of Covid-19 vaccines and a desperate need to schedule an appointment on the CoWin platform. A new Android infection malware is spreading via SMS by tricking people into clicking on a URL that appears to be a free registration website for Covid-19 vaccine.

It’s part of a coordinated campaign in which the name of the vaccine registration website is slightly altered and then disseminated. The malware requests access to the phone’s contacts, SMS, and other information.

This campaign began in April 2021 and is still ongoing in India, according to Lukas Stefanko, a malware researcher at cybersecurity firm ESET.

SMS worm impersonates Covid-19 vaccine free registrationAndroid SMS worm tries to spread via text messages as fak… https://t.co/FrABIy2Pss
— Lukas Stefanko (@LukasStefanko) 1619696344000”

Lukas tweeted “SMS worm impersonates Covid-19 vaccine free registration. Android SMS worm tries to spread via text messages as fake free registration for Covid-19 vaccine – targets India. It can spread itself via SMS to victim contacts with link to download this malware,”

Covid-19 vaccine, Covid-19 vaccine registration, Vaccine Register, and My-Vaci, are some of the names given to the malware.

According to CERT-In, fake SMS messages are circulating that falsely purport to offer an app that allows users to register for the COVID-19 vaccine in India. While the exact wordings of the SMS may vary from time to time, the SMS instructs users to download and install an app or APK file on their Android phones by clicking on the URL provided in the SMS.

The CERT-In advisory mentions “The SMS message carries a link that installs the malicious app on Android based devices, which essentially spreads itself via SMS to victims’ contacts. The app also gains unnecessary permissions that attackers could leverage to acquire user data such as contact list,”

Recommended for You

Recommended for You

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Close Read More

See Ads