SMS PVA Services’ Use of Infected Android Phones Reveals Flaws in SMS Verification
Using these code snippets and C&C traffic as fingerprints, we were able to identify two more DEX files with the same functionality but different C&Cs, indicating an active development process and several versions of both the development code and production code of the Android malware. Only text messages sent by specific services and matched by the regex provided by the C&C were intercepted. This is likely to prevent the user of the Android phone from…
Read More