Spoofed Amazon vouchers are being used to spearhead a campaign to contaminate Android mobiles with malware, messaging security firm AdaptiveMobile warns.
The attack, dubbed "Gazon", sends messages to victims’ mobile phone contacts linking to supposed offers for (non-existent) Amazon vouchers fictitiously promising a gift of $200. The messages, if opened on an Android, actually attempt to install malware that restarts the infection cycle and launches a fresh wave of mobile malware scam messages.
The attack has generated more than 16,000 click-throughs across multiple channels, including Facebook and email, infecting thousands of mobile devices in more than 30 countries, since it first surfaced on 25 February. SMS remains the primary channel for distribution, accounting for more than 99 per cent of the malicious messages, according to AdaptiveMobile.
The assault has spread far and wide reaching Australia, the UK, Canada, France, India, Korea, Mexico and the Philippines after initially appearing in the US late last month.
More details on the attack – including screenshots of the dodgy messages – can be found on the AdaptiveMobile blog here. ®