FakeSpy Android Malware Pretends to Be a Postal Service and Steals Your Data

Jul. 6, 2020

According to research from cybersecurity firm Cybereason, FakeSpy steals SMS messages and makes it possible to hijack financial data, account credentials, IMEI, application data, contacts, and more.

Themalware apparently presents itself as a postal service app, which unsuspecting users may easily install. Once the application is installed, it requests permissions, which is then exploited to steal sensitive credentials.

The researchers have found FakeSpy malware to be masquerading as the following postal services: United States Postal Service, Royal Mail, Deutsche Post, La Poste, Japan Post, Yamato Transport, Chunghwa Post, and Swiss Post.

Based on the research, the team has concluded that a Chinese-speaking group named “Roaming Mantis” is behind FakeSpy. The group has allegedly operated similar campaigns.

To stay on the safer side,we would recommend you not to install apps from shady third-party sources. You should consider sticking to Google Play Store whenever you’re in the pursuit of new apps. Moreover, you should keep “Install unknown apps” off to avoid a potential incident.

Subin writes about consumer tech, software, and security. He secretly misses the headphone jack while pretending he’s better off with the wireless freedom.