Fraudsters are distributing malicious software on behalf of mobile companies under the pretext of extending communications service contracts, the press center of the Russian Ministry of Internal Affairs told TASS.
During the conversation, the attackers present themselves as operator employees and offer to renew the contract. To do this, they send files to download, for example — "Dogovor.apk", "5G.apk", "Nastroika5s.apk", and others.
At the same time, the scammers persuade the victim to make changes in the banking app, citing a change of phone number.
The Ministry of Internal Affairs clarified that the functionality of the malicious programs makes it possible to collect data about the mobile device, including information about the model, operating system version, subscriber numbers, SMS, contacts, and call history. The programs also transmit geolocation information and make it possible to remotely control the victim's device.
Read more materials on the topic:
- Sends viruses to all contacts: Russians warned about the ClayRat spyware program
- Scammers learned to distribute viruses disguised as photographs in Telegram: they have a special extension
- \"Look, you're in the photo there!\" — scammers are distributing the Mamont virus via SMS
