Smishing
- Kimsuky campaign uses QR codes to deliver DocSwap Android malware, South Korean firm says
  South Korean firm ENKI linked the North Korean actor Kimsuky to a campaign distributing a DocSwap Android trojan via QR codes on phishing sites impersonating CJ Logistics; the malware decrypts an embedded APK, registers a RAT service and accepts many remote commands.
- OpenAI notifies some API customers after Mixpanel analytics vendor hacked
  OpenAI said some ChatGPT API customers had limited identifying information exposed after a smishing-driven compromise of analytics vendor Mixpanel; no chats, API requests, credentials or payment data were exposed and both companies have taken mitigation steps while investigations continue.
- Herodotus Android malware uses human-like typing delays to evade detection
  Threat Fabric has identified Herodotus, an Android malware-as-a-service that uses randomized typing delays to mimic human input and evade timing-based detection, and is being distributed via SMS to users in Italy and Brazil.
- China’s Smishing Triad Expands Phishing Tactics, Directly Targeting Banks
  The Smishing Triad, a group of cybercriminals based in China, has expanded its phishing operations from impersonating toll road operators to directly targeting international banks and financial institutions, raising significant cybersecurity concerns.






