
Highly Technical WhatsApp E-Challan Scam Targets Indian Users

    18 Jul, 2024

       

    Admin

Bengaluru: CloudSEK, a cybersecurity firm, has uncovered a sophisticated Android malware campaign originating from Vietnamese hackers and aimed at Indian users through deceptive traffic e-challan messages on WhatsApp.

Key Details:

  • Malware Identification: The malware, identified as part of the Wromba family, has infiltrated more than 4,400 devices, leading to fraudulent transactions exceeding ₹16 lakh by a single scam operator.
  • Modus Operandi: Hackers distribute malicious APKs disguised as legitimate vehicle challan notifications via WhatsApp. These apps impersonate trusted entities like Parivahan Sewa or Karnataka Police to lure victims into downloading and installing them.
  • Impact: Once installed, the malware requests extensive permissions, including access to contacts, SMS messages, and the ability to intercept OTPs. This enables attackers to gain unauthorized access to victims' financial and e-commerce accounts, conducting fraudulent transactions and redeeming gift cards unnoticed.
  • Regional Impact: Gujarat and Karnataka are identified as the most affected states.
  • Expert Insight: Vikas Kundu, Threat Researcher at CloudSEK, emphasized the sophistication of the attack, highlighting the malware's capability to forward SMS messages to threat actors, facilitating further exploitation of victims' accounts.
  • Security Recommendations: CloudSEK advises users to exercise caution by downloading apps exclusively from trusted sources like the Google Play Store, limiting app permissions, keeping software updated, and enabling alerts for sensitive transactions.
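
For defenders triaging a suspicious APK, the permission pattern described under Impact can be checked mechanically. The Python below is an added example, not code from CloudSEK or the original article: it reads a manifest already decoded to text XML and flags the SMS, contacts and forwarding combination. The mapping of the article's wording to specific Android permission names is an assumption, and the sample manifests and package names are constructed.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."
# Assumed mapping of the article's described capabilities to Android permissions.
SMS_ACCESS = {P + "READ_SMS", P + "RECEIVE_SMS"}   # read / intercept OTP messages
CONTACTS = {P + "READ_CONTACTS"}
FORWARDING = {P + "INTERNET", P + "SEND_SMS"}      # channels to pass SMS onward

def requested_permissions(root):
    """Collect every permission name declared in a decoded manifest."""
    perms = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for el in root.iter(tag):
            name = el.get(ANDROID_NS + "name")
            if name:
                perms.add(name.strip())
    return perms

def triage(manifest_xml):
    """Return package, matched permissions and a coarse verdict for review."""
    root = ET.fromstring(manifest_xml)
    perms = requested_permissions(root)
    sms, contacts, fwd = perms & SMS_ACCESS, perms & CONTACTS, perms & FORWARDING
    if sms and contacts and fwd:
        verdict = "high"      # full combination described in the article
    elif sms:
        verdict = "review"    # SMS access alone still exposes OTPs
    else:
        verdict = "low"
    return {"package": root.get("package"),
            "matched": sorted(sms | contacts | fwd), "verdict": verdict}

# Constructed sample manifests (not taken from any real APK).
HEAD = '<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="%s">'
def sample(package, *names):
    body = "".join('<uses-permission android:name="%s%s"/>' % (P, n) for n in names)
    return HEAD % package + body + "</manifest>"

CHALLAN_LOOKALIKE = sample("com.example.echallan", "READ_SMS", "RECEIVE_SMS",
                           "READ_CONTACTS", "INTERNET")
OTP_READER = sample("com.example.otpfill", "RECEIVE_SMS")
FLASHLIGHT = sample("com.example.torch", "CAMERA", "INTERNET")

if __name__ == "__main__":
    for m in (CHALLAN_LOOKALIKE, OTP_READER, FLASHLIGHT):
        print(triage(m))
```

A "high" verdict is a prompt for manual review rather than proof of malice, since legitimate messaging apps request the same permissions.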

Stay Informed and Protected: CloudSEK continues to monitor and analyze evolving cyber threats, providing proactive insights to safeguard users against such malicious activities.