New Malware Infects Your Phone Via SMS

A new malware has quickly risen into the top five reported infections in Australia, which targets users with an external link in an SMS. Currently, it looks like only Android users need to be worried.

According to the Australian Internet Security Initiative, the new bug is set up to snatch your bank details:

This type identifies Android devices that have been compromised by Marcher malware applications. These applications can steal banking and other financial credentials by substituting genuine authentication fields within banking apps on the Android device with its own fake fields. These credentials are then recorded and sent to malicious actors. Marcher malware is generally installed through software obtained from untrusted sources, and not from trusted sources such as Google Play.

Called Marcher, this bug will first present itself as an SMS from an unidentified source claiming you have an unread MMS, and if you follow a hyperlink you’ll be able to read it. The website it leads to installs the malware. For those who have their Androids set to not install software from untrustworthy sources, the website also links to a set of instructions to change these settings, so the malware can be installed.

So, it kind of needs you to do its work for it, and you really shouldn’t be visiting that unknown link, let alone changing your security settings to appease the unknown link. The AISI doesn’t have much in the way of what to do if you’re already infected, but it does have some nifty stats to track how many people have fallen prey.

[AISI]

Image via Shutterstock


The Cheapest NBN 50 Plans

It’s the most popular NBN speed in Australia for a reason. Here are the cheapest plans available.

At Gizmodo, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.