The latest SMS scam has been targeting thousands of Australians, using their hardware in order to mine cryptocurrency. In this scam, victims would receive an SMS claiming that they received free Bitcoins. In order to collect the Bitcoins, they simply needed to click on a shortened URL. However, once the user clicks on the URL, the USR hijacks the victim's CPU to mine cryptocurrency without the user's knowledge or consent.
The latest hacking campaign was first brought to light by the Chief Technology Officer at Symantec, Nick Savvides, who described the campaign as “pump and dump spam.”
During an interview with the Australian news agency, Nine, Savvides noted that the links contained in the SMS required victims to sign up for a service. Once a victim signed up, the responsible hacker was allowed to hijack their CPU cycles, which gave them the power to use the victim’s resources to mine cryptocurrency for their own profit. The added personal information also gave the hackers additional power to launch more hacking campaigns in the future.
According to Savvides, most users are less cautious of links sent to them via SMS than they are of links they encounter when browsing. The lack of caution has encouraged a surge in SMS-based hacks. Savvides stated that users are generally more trusting of links sent to their devices, as logic dictates that hackers wouldn't be sending you malware directly to your phone number and device. While most people are cautious about things that seem too good to be true, Savvides noted that most individuals have become alarmingly accustomed of strange numbers sending us information and notifications via SMS for anything from your Uber driver to your pizza delivery through SMS. According to Savvides, this is likely to be the cause of the success of SMS hacking campaigns.
Savvides added that Australians, in general, simply do not employ proper security measures when it comes to their smartphones. He added that those who implement additional safety software are in the minority. Savvides stated that hacks of this kind are likely to get worse in the future.
The latest hacking campaign was first brought to light by the Chief Technology Officer at Symantec, Nick Savvides, who described the campaign as “pump and dump spam.”
During an interview with the Australian news agency, Nine, Savvides noted that the links contained in the SMS required victims to sign up for a service. Once a victim signed up, the responsible hacker was allowed to hijack their CPU cycles, which gave them the power to use the victim’s resources to mine cryptocurrency for their own profit. The added personal information also gave the hackers additional power to launch more hacking campaigns in the future.
According to Savvides, most users are less cautious of links sent to them via SMS than they are of links they encounter when browsing. The lack of caution has encouraged a surge in SMS-based hacks. Savvides stated that users are generally more trusting of links sent to their devices, as logic dictates that hackers wouldn't be sending you malware directly to your phone number and device. While most people are cautious about things that seem too good to be true, Savvides noted that most individuals have become alarmingly accustomed of strange numbers sending us information and notifications via SMS for anything from your Uber driver to your pizza delivery through SMS. According to Savvides, this is likely to be the cause of the success of SMS hacking campaigns.
Savvides added that Australians, in general, simply do not employ proper security measures when it comes to their smartphones. He added that those who implement additional safety software are in the minority. Savvides stated that hacks of this kind are likely to get worse in the future.