An updated version of the FakeSpy Android malware family is actively targeting Royal Mail app users, according to Computer Weekly. Evolving rapidly, this new version of FakeSpy is significantly more powerful than previous iterations. Researchers from Cybereason’s Nocturnus have found that the malware’s developers are coding in new evasion and obfuscation techniques, and releasing new versions on a weekly basis. Having initially targeted Android users in Japan and South Korea, the malware has now begun are exploiting the brands of postal services companies in many other countries, including France’s La Poste, Germany’s Deutsche Post, and the US Postal Service, as well as Royal Mail in the UK. FakeSpy relies on smishing, such as fake notifications of a held package or missed delivery, to worm its way inside its victims’ devices.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.