Lucid: Hackers target smartphone users in 88 countries, iPhone also not safe

Lucid: Unlike traditional SMS phishing, messages sent via iMessage and RCS have a higher delivery rate, as these are E2EE-based services. They are also much cheaper to send than SMS, as the mobile operator does not charge for them.

Thu, 03 Apr 2025 06:34 PM (IST)

This time hackers are targeting mobile users in 88 countries around the world. Usually, hackers target users of a single operating system, but this time both Android and iPhone users are targets. According to security researchers, cybercriminals are sending phishing messages to iPhone and Android smartphone users in 88 countries.

The messages carry links to phishing sites and are sent over iMessage and RCS (Rich Communication Services) chat through the 'Lucid' Phishing-as-a-Service (PhaaS) platform. Because of end-to-end encryption (E2EE), these messages easily get past traditional SMS spam blockers. Cybercriminals are currently offering licenses for this platform in a Telegram channel so that other criminals can also use its services.

Unlike conventional SMS phishing, iMessage and RCS messages enjoy a higher delivery rate, as these services are based on E2EE. Phishing messages sent via these services are also significantly less expensive than SMS because they don't incur mobile operator costs. iMessage phishing messages are sent from huge iOS device farms that use temporary Apple IDs. To send messages via RCS, cybercriminals abuse security vulnerabilities at mobile network operators.

The phishing messages contain links that take users to fraudulent websites. These phishing websites have been set up on more than 1,000 domains. For example, some messages request fake toll payments, deceiving users into trying to pay. Some iMessage messages ask the recipient to reply, because Apple disables links in messages from unknown senders.

Through the phishing websites, sensitive data, including credit card information, is stolen from users. Criminals use a verification tool to validate the card details and then either use them themselves or sell them on the dark web.

According to researchers, the Lucid platform is operated by a Chinese group called 'XinXin'. Membership of the platform is sold on a weekly basis through a Telegram channel. Other phishing platforms, such as Darcula and Lighthouse, may also be linked to this group.


Muskan Kumawat Journalist & Writer