A new scam involving fake traffic e-challan messages is sweeping across India, carried out by Vietnamese hackers using sophisticated Android malware. Researchers at CloudSEK, a cybersecurity firm, reported on Wednesday that this malware, identified as part of the Wromba family, has already infected over 4,400 devices. The fraud has led to over Rs. 16 lakh in losses from just one operator, they added.
Vikas Kundu, a Threat Researcher at CloudSEK, explained that scammers are tricking Indian users by sending fake traffic e-challan messages on WhatsApp. These messages appear to come from trusted sources like Parivahan Sewa or Karnataka Police, deceiving users into installing a malicious app. This app not only steals personal information but also facilitates financial fraud.
The scam operates by having users click on a link in the WhatsApp message, which leads to the download of a fake APK disguised as a legitimate application. Once installed, the malware requests extensive permissions, including access to contacts, phone calls, SMS messages, and the ability to act as the default messaging app.
The malware then intercepts OTPs and other sensitive messages, allowing attackers to access victims' e-commerce accounts, buy gift cards, and use them without leaving a trace. Kundu noted that the app also extracts all contacts to target more users.
Moreover, all messages are forwarded to the hackers, enabling them to access various e-commerce and financial apps of the victim. To avoid detection, the attackers use proxy IPs, maintaining a low transaction profile.
According to the report, the malware has led to 271 unique gift cards being compromised, with transactions totaling Rs 16,31,000. Gujarat and Karnataka are the most affected regions.
CloudSEK advises users to stay vigilant to avoid falling victim to such scams. It is crucial to install apps only from trusted sources like the Google Play Store, limit app permissions, regularly review permissions, keep systems updated, and enable alerts for banking and sensitive services.
Recent Updates:
Cyber Fraudsters Target Job Seekers on Social Media: Beware of Fake Job Offers
Beware of the E-Challan Scam: Don't Fall Prey to Cyber Fraud
