Cybercriminals have launched a sophisticated malware campaign targeting Android users through fake traffic violation messages on WhatsApp. The malware, disguised as “NextGen mParivahan,” mimics the official government application developed by the Ministry of Road Transport & Highways, which provides digital access to driving licenses, vehicle registration certificates, and other transport services.

The attack begins with users receiving WhatsApp messages claiming to be official traffic violation alerts. Once installed, the malware requests extensive permissions, including access to SMS messages and notifications. The malware then captures incoming messages and notifications, uploading them to command-and-control servers controlled by the attackers.

The attackers have intentionally crafted malformed APK files that bypass traditional security tools while still functioning on newer Android devices. The malware exploits differences in how Android OS handles these malformed files compared to analysis tools.

“The malware not only retains its SMS-stealing features but has expanded its reach to target messages from social media, communication, and e-commerce apps, posing an even greater threat to user privacy,” noted Seqrite’s security team.

Users are advised to download applications only from trusted sources like Google Play Store, be cautious of unexpected messages claiming to be from government services, and employ reputable security solutions to protect their devices.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 11 Apr 2025 17:10:20 +0000