Android warning: Vicious new attack uses Chrome to steal all of your personal photos

There’s another new Android scam to be on the lookout for and this time cyber thieves want full access to your photo library. This latest smishing attack starts with a simple text message that suggests a parcel has been sent to the recipient but not delivered. This is then followed by a link that takes the victim to a fake web page where they are urged to download apps such as Chrome or the delivery firm’s Android application.

Once installed, the fake apps then set about installing the nasty Roaming Mantis malware which can end up wreaking havoc on devices and hand very personal files over to the hackers.

Unlike some attacks – which try and gain access to banking information – this latest threat heads straight for your photo album with it fully capable of downloading every single one of your images and albums.

The security team at Kaspersky, who first spotted the scam, say that hackers can then use these images for huge financial gain.

Along with many users storing photos such as images of passports and bank card details, there’s also the opportunity to extort money from the victim should they have more X-rated images stored on their devices.

“Criminals have two aims in mind,” explained Kaspersky.

“One possible scenario is that the criminals steal details from such things as driver’s licenses, health insurance cards or bank cards, to sign up for contracts with QR code payment services or mobile payment services. The criminals are also able to use stolen photos to get money in other ways, such as blackmail or sextortion.”

Roaming Mantis isn’t anything new with it first spotted in parts of Asia back in 2018.

However, this new warning has been issued as it now appears to be spreading rapidly across Europe with France and Germany currently the worst affected regions.

If you’re wondering if these types of attacks really work then the answer is resounding yes.

Kaspersky has issued data on how many times the fake apps have been downloaded and it appears thousands are being duped every day.

In fact, the infected version of Chrome has now been installed over 65,000 times in France alone.

Speaking about this new threat, Kaspersky said: “It has been almost four years since Kaspersky first observed the Roaming Mantis campaign. Since then, the criminal group has continued its attack activities by using various malware families.

“In addition, the group has now expanded its geography, adding two European countries to its main target regions. We predict these attacks will continue in 2022 because of the strong financial motivation.”

The advice is clear, delete any text messages if you are unsure where they have originated from and don’t download any applications unless you are sure they are from an official source.