The Ministry of Internal Affairs of Russia has warned about a new dangerous scheme: fraudsters are massively sending files in Telegram that turn a smartphone into a tool for stealing money. The bait for victims is free applications for finding road cameras and traffic police radars.
Attackers use thematic chats and channels where drivers exchange information about fines and traffic police ambushes. An allegedly useful file with the .apk extension is distributed in these chats. It is enough to download and run it – and the system will ask for permission to install from an unverified source. If the user clicks "OK", a Trojan will be silently installed on the phone. The Ministry of Internal Affairs added that attackers often accompany the file with provocative messages so that the victim does not have time to think about the consequences.
After installation, the malicious program gains full control over the device. Hackers remotely access banking applications, take out loans and withdraw money. The virus can intercept and block SMS messages from banks, which allows attackers to confirm transactions without the owner's knowledge. At the same time, the Trojan scans the gallery, correspondence and contacts, and then sends infected links to everyone from the address book – so the chain of deception stretches to dozens of new victims.