Researcher gave SMS Worm information on Twitter
- Malware researcher Lucas Stefanco first reported this SMS Worm on Twitter. He claimed that this new Android malware is targeting Indian users. He also explained how this malware is spreading through a text message.
- He has also shared some screenshots for this. Once a user downloads the fake free vaccine registration app through the link provided in the message, it is downloaded into the phone like a vaccine register app. It asks for permission to access the contact of the device. It also asks for permission to send and view messages.
This is how SMS Worm Malware works
- Australia-based risk intelligence firm Cyble has described how SMS Worm malware works. According to Cyble, different activities are done on the device of the person affected by this malware.
- Once it is downloaded to the phone, it performs many unauthorized functions such as unauthorized access or restricted access to private accounts and services, using the device to perform unauthorized activity, exposing personal data from the user’s device and accounts, etc.
- Investigating the source of SMS Worm malware, the firm found that there are many repository apps that look similar on the Internet. In such a situation, it is very important for the users to be cautious.
- Cyble’s blog post states that the new Android variants of SMS Worm are not very visible. The malware that has just surfaced is very interesting and unique. This new malware also sends messages without users’ permission and information.
This is how you can protect yourself
- The best and easiest way to avoid malware is to not download any app through any unauthorized source or website.
- If you have received a link via SMS from where you can download an app, then you should ignore it.
- Talking about Android, here only the app should be downloaded from Google Play Store.
- There is also another way, in whatever app you download, definitely see what permission is being asked by that app.
- To protect your data from hackers, apply two-factor authentication.