Boris Johnson’s number has expired – a dream of hackers sending text messages

You will receive an SMS from a known courier company stating that you missed delivery of a package and indicating a link for more information. Once on the website, it looks like you have reached the courier company and it asks you to download an app to be able to track the shipment.

If you installed the app, you might have encountered the latest major global hacker attack, Flubot. The app is a Trojan horse that steals sensitive data, passwords, and contact book – this way it finds more numbers to send text messages to.

“We use mobile phones frequently because we now work more from home. There have been a lot of phishing attacks (phishing to steal information, Note D) in the past year,” says Sarah Vernholm, partner manager at Lookout, who has worked with mobile security. For eight years.

Di Digital previously reported how data, such as phone numbers, associated with more than 500 million Facebook accounts were made available on online forums. It is a goldmine for hackers, who can use the information to access login information. The phone numbers from the leak were used to start Flubot, which could then spread on its own initiative.

“Hackers have realized that company information, such as cloud services, can be mixed with social media such as Facebook. Whatsapp is sometimes used both in the company and in particular with the messaging app itself,” says Sarah Vernholm.

Sometimes, phone numbers are also available in other ways. For example, it was recently discovered that the mobile phone of British Prime Minister Boris Johnson had been open on the internet for 15 years. BBC reports. There has been debate about the risk of foreign powers using information to gain access to sensitive information.

Hackers also increasingly launch targeted attacks to gain access to a specific person or company. Last year, a major fraud was committed by well-known Twitter accounts, including Barack Obama and Elon Musk, urging users to send them bitcoins and then get refund of the leveraged amount. This was made possible by hacking employees on Twitter thus exposing the company’s internal management system.

Another popular way to hack cell phones is to send private messages on social media like Instagram and Facebook or dating apps that contain a link. Sometimes it seems like it comes from a friend, but then gets hacked. When you think you are downloading an image or something else innocent, it can instead hide malware behind it.

Then he falls to the ground and searches for interesting information, such as bank information and login information. For example, it can create a shell on top of your regular banking apps. When you click on it, you are instead sent to the hacker’s server. Through something called a “keylogger,” they can see every character you type and thus have access to two-factor authentication, “says Sarah Vernholm.

A user doesn’t even have to notice that something has been downloaded, but it can be done silently.

“The dark number with the number of people who have something in their loneliness is large.”

How can you detect the presence of malware on your mobile phone?

“For example, if the phone behaves strangely, for example, if the battery suddenly consumes extra power. Or if you have a program installed that detects this.”

Above all, it is important to train employees to be suspicious and not to click on unsafe links or download unknown software.

“One of our global customers encountered a phishing attack where the attacker developed a copy of the customer’s intranet login page, in an attempt to steal user data, including multi-factor credentials. The moment the attacker started building the phishing site, we were able to report it. As a suspicious site and monitor its development. “

Ida Hanson Prosowitz