Android and iOS platforms have been targeted by cybercriminals in the past because of their rising popularity and massive user base. Speaking of the last week of 2023, cybersecurity firms across the globe warned the world about a range of online threats. A few of these include Xamalicious, Chameleon Trojan on Android and the sophisticated ‘Operation Triangulation’ campaign on iPhones. Here are more details about them with tips to stay safe.
Operation Triangulation
According to Kaspersky, this zero-click iMessage attack targeted iPhone devices running iOS up to 16.2 build. Termed the “most sophisticated exploit ever”, the four-year campaign started with a malicious attachment that led to code execution remotely. The exploit could access the storage of an iPhone to send/receive recordings, photos, location details and more confidential stuff, as per AppleInsider. However, Apple fixed the security issue later, the report noted.
Also Read: iPhone Cyberattack Alert! This Text On iMessage Can Take Full Control Of Your iOS Device
Xamalicious Malware
McAfee shared in a report Android/Xamalicious trojans amplified via games, health, productivity and other category apps on the Google Play Store. The affected apps (that infected over three lakh devices) request accessibility permissions, taking control of the device consequently and stay active in the background performing malicious activity, Forbes noted. According to the report, the affected apps with over one lakh installs include Essential Horoscope for Android, 3D Skin Editor for PE Minecraft and Logo Maker Pro.
Chameleon Trojan
This banking trojan targets Android users using banking and financial apps installed on their phones, according to PhoneArena. The aim is to scrap money from victims by presenting the trojan as a genuine app and gaining phone permissions. After getting access, the malware disables biometric authentication like facial and fingerprint recognition. It records the banking PIN entered by the victim and steals details from these apps to transfer money to the fraudster or shop products online. According to the ThreatFabric, the threat targeted Australia, Poland, the UK and Italy.
Safety Tips:
– Do not interact with unknown messages, links and attachments sent by strangers
– Avoid sideloading apps on your smartphone from third-party stores or the web
– Install the latest security and feature updates on your Android or iOS device for enhanced security
– Change passwords or choose stronger alternatives (two-factor authentication) to sign in if you notice unusual activity on your phone or accounts
– If you feel something is not right with your account, report the matter to the concerned cybersecurity officials, bank authorities and your contacts who might be affected by the situation
– Perform a factory reset to clean any traces of malware from your smartphone (make sure to backup your data before proceeding)
