Vietnamese Hackers Target Indians With Fake WhatsApp E-Challan Scam, Stealing Personal Data And Funds

A Vietnamese hacker group has recently sent phony e-challan messages via WhatsApp, as revealed in a recent report by CloudSEK, a prominent cybersecurity firm. These scammers target Indian users with the intention of stealing personal data and committing financial fraud by deceiving them into installing a malicious application.

How the Scam Works

The scammers issue fictitious traffic violation penalties by sending messages that impersonate authorities from Parivahan Sewa or Karnataka Police. The message contains a link that, upon clicking, initiates the installation of a malicious APK (Android application package).

Upon installation, this application requests a wide range of permissions, including the capacity to become the default messaging app, and access to contacts, phone calls, and SMS messages. This level of access enables the malware to execute a variety of malicious operations undetected.
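The permission combination described above can be checked against an app's manifest during triage. The following is an added example, not code from CloudSEK or the original article; it assumes the manifest has already been decoded to text XML (for instance with apktool), and the `triage` and `sample_manifest` names and both sample manifests are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."
# Permission groups the article names: SMS, contacts, phone calls.
GROUPS = {
    "sms": {P + "READ_SMS", P + "RECEIVE_SMS", P + "SEND_SMS"},
    "contacts": {P + "READ_CONTACTS"},
    "calls": {P + "CALL_PHONE", P + "READ_CALL_LOG", P + "READ_PHONE_STATE"},
}
# Intent actions distinctive of an app built to be the default SMS handler
# (ACTION_SENDTO is also required but is common in ordinary apps).
DEFAULT_SMS_ACTIONS = {
    "android.provider.Telephony.SMS_DELIVER",
    "android.provider.Telephony.WAP_PUSH_DELIVER",
    "android.intent.action.RESPOND_VIA_MESSAGE",
}

def triage(manifest_xml):
    """Flag a manifest that asks for default-SMS role plus all three groups."""
    root = ET.fromstring(manifest_xml)
    requested = {e.get(ANDROID + "name") for e in root.iter("uses-permission")}
    actions = {e.get(ANDROID + "name") for e in root.iter("action")}
    hits = {g: sorted(perms & requested) for g, perms in GROUPS.items()}
    groups = [g for g, found in hits.items() if found]
    default_sms = DEFAULT_SMS_ACTIONS <= actions
    return {"default_sms_handler": default_sms, "groups": groups,
            "hits": hits, "suspicious": default_sms and len(groups) == len(GROUPS)}

def sample_manifest(perms, actions):
    """Build a simplified, constructed manifest (not from any real APK)."""
    ns = 'xmlns:android="http://schemas.android.com/apk/res/android"'
    uses = "".join(f'<uses-permission android:name="{p}"/>' for p in perms)
    acts = "".join(f'<action android:name="{a}"/>' for a in actions)
    return (f'<manifest {ns} package="com.example.constructed">{uses}'
            f"<application><receiver><intent-filter>{acts}"
            "</intent-filter></receiver></application></manifest>")

# Constructed inputs: one matching the article's description, one ordinary app.
SUSPICIOUS = sample_manifest(
    [P + "READ_SMS", P + "RECEIVE_SMS", P + "READ_CONTACTS", P + "CALL_PHONE"],
    sorted(DEFAULT_SMS_ACTIONS))
BENIGN = sample_manifest([P + "READ_CONTACTS", P + "INTERNET"], [])

if __name__ == "__main__":
    for label, xml in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(label, triage(xml))
```

A legitimate messaging app will also match this combination, so a hit is a prompt to check where the APK came from, not a verdict.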

The Damage Done

The malware, which has been classified as a member of the Wromba family, has infected more than 4,400 devices. Its primary function is to intercept one-time passwords (OTPs) and other sensitive communications, thereby allowing the hackers to access the e-commerce accounts of victims. The hackers conceal any direct fund transfers by purchasing gift cards and redeeming them once they have gained access to these accounts. These fraudulent transactions have totaled more than Rs. 16 lakhs to date.

Who is Affected?

Although users throughout India have been targeted, Gujarat has reported the maximum number of victims, followed by Karnataka. The hackers, who are traced back to Bắc Giang Province in Vietnam, employ proxy IP addresses to elude detection, which complicates efforts to trace and halt their activities.

Protecting Yourself

In order to prevent falling victim to such scams, it is advisable to observe the following security recommendations:

  • Use Antivirus Software: Detect and eliminate malicious applications by installing and maintaining reputable antivirus and anti-malware software on your device.
  • Review App Permissions: Consistently verify and limit the permissions of applications to guarantee that they do not have access to anything beyond what is strictly essential.
  • Install Trusted Apps: To mitigate the danger of downloading malicious software, it is recommended that you only download applications from official sources, such as the Google Play Store.
  • Stay Updated: To take advantage of the most recent security updates, ensure that your device’s operating system and applications are up-to-date.
  • Monitor SMS Activity: Make use of tools that can identify and notify you of any suspicious SMS activity.
  • Enable Account Alerts: Establish notifications for banking and various other sensitive services to alert you of any unusual activity.
  • Raise Awareness: Build a more informed and cautious community by educating yourself and others about the risks of unverified apps and phishing attempts.

Stay Safe

Users can substantially mitigate the risk of infection and safeguard their personal information from malicious actors by implementing these security protocols. It is essential to remain vigilant and cautious in order to protect against the sophisticated cyber hazards that are present. In order to prevent falling prey to these scams, it is imperative to confirm the authenticity of communications and exercise caution when encountering any suspicious links or attachments.

About The Author:

Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space.  Besides writing for the News4Hackers blogs, he also writes for brands including Craw Security, Bytecode Security, and NASSCOM.
