Fake texting app Symoo caught stealing data

Two-factor authentication (2FA) is one of the best methods to keep your accounts safe from cybercriminals. It’s an added layer of protection beyond passwords that requires another way to prove who you are when logging into online accounts.

In theory, no one should be able to access or intercept your 2FA code, but cybercriminals use sophisticated technology to get around this limitation. There is another way criminals intercept 2FA codes. This method uses a fake SMS app to steal data.

Read on for details about this rogue app and some ways to protect yourself against these threats.

Here’s the backstory

Using 2FA allows you to verify your identity when logging into an account. Some platforms, like Facebook, use a unique code generator for 2FA security. But one of the most popular ways to receive 2FA codes is through text messages. If someone else takes the code before you, they could use it to log into your account.

An Evina security researcher discovered a fake text messaging app in the Google Play Store designed to steal 2FA codes. The application simoo It claims to be a messaging service and is ranked number one on the Google Play Store in multiple countries. However, the app does a lot more than it says on the tin.

Evina explains in a blog post that if you download and start Symoo, you’ll see a screen indicating that the app is loading. What actually happens is that the app works in the background to start a program that steals your phone number in order to intercept SMS messages and send them to an external server.

The criminals behind the app then use the stolen phone numbers to impersonate users and create fake online accounts while collecting the 2FA text messages. The app has been downloaded more than 100,000 times.

What can you do about it

Maxime Ingrao, a malware analyst at Evina, explains that the stolen details are then sold on a marketplace to create fake accounts on popular social networks like Facebook, Twitter, Telegram or Google.

It can be challenging to spot malicious apps, but there are a few ways to stay safe online.

  • Never download an app from third party libraries. Instead, always use the Google Play Store or Apple App Store.
  • Always check the comments and reviews of an app before downloading it. As with Symoo, several reviewers commented that the app was fake. When you see negative reviews like this, run away without downloading the app.
  • Read an app’s privacy policy and terms of service. If you see anything suspicious, don’t install the app.
  • Check your app library often and uninstall apps you no longer use. Not only will you free up space, but you might be removing bad apps that work behind the scenes.

Keep reading

Almost HALF of Mac malware comes from this program

Security Tech Tip: How to Remove Malware from Your Phone or Computer

Leave a Comment