Security Company Warns iPhone Users of New Massive Scale Chinese Hacking Threat


A couple of months ago, we covered a “smishing” scam (derived from SMS + phishing) where iPhone users would receive texts posing as the user’s local toll road provider seeking payments. It’s possible some users have received those texts recently.

Bad news. One of the companies that initially exposed the toll road hackers, also known as the “Smishing Triad,” has identified another more dangerous and sophisticated text attack. This time, the Chinese hacker group is attempting to use Apple’s iMessage and Android’s RCS to target potential victims’ Apple Pay or Google Wallet in order to snatch credit card and personal data.


Resecurity has identified a new smishing kit called “Panda Shop.” Hackers can purchase customized kits, deployable on any server, via interactive bots on various Telegram channels. Resecurity suspects the group behind this kit was also behind the software used for the toll road scam.

In addition to the kits, the hackers buy compromised Apple and Gmail accounts in bulk to distribute their attacks. One actor can send up to 2,000,000 smishing messages daily, and a group can easily reach up to 60,000,000 potential victims per month, according to Resecurity’s research.

This “Panda Shop” kit can be acquired along with templates mimicking recognized brands like AT&T, DHL, UPS, USPS, the UK government website for paying parking fines, and Vodafone. If a victim receives a text using one of these templates, they’re directed to a page resembling a legitimate website where they’ll be asked to input credit card and other personal information.

Resecurity also identified chats where top US banks, including Bank of America, Citibank, JP Morgan Chase, Capital One, and others, were targeted. If successful, the hackers will either use or sell the stolen information.

Since these cybercrime syndicates reside in China, they operate without repercussions from US law enforcement. This is scary stuff. Despite the growing scale and complexity of these scams, the rules to protect yourself remain unchanged. Never engage with an unsolicited text message by clicking any links within it. Simply delete the text immediately. If you believe you mistakenly handed over financial and personal data, change your passwords and contact your bank right away to report it. Spread the warning and stay safe!
