
SMS Virus Developed by Iranian Hacker Claims 100,000 Victims in Iran


In recent weeks a story that has attracted a lot of attention is the spread of a virus by SMS, developed by Iranian hacker Pourya Emanverdi, who uses the username num1vps online. Mr. Emanverdi's creation spreads through intelligent, well-designed social engineering; one researcher described it as "beautiful social engineering". In this way it has claimed something like 100,000 victims in Iran so far. It encourages the user to open a link by promising 2 gigabytes of free internet. The invitation messages are not all the same: some say "Click here for 2Gb free internet!" while others say "Hello, I just got 2Gb free internet from this link". When the user clicks the link, it opens a Telegram channel, where the user is encouraged to install an Android application. Once installed, the application puts the user's handset into silent mode and then sends messages about 2Gb of free internet to every contact in the phone's contact list. The virus thus propagates itself, because the same thing repeats for each of those users.
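The propagation pattern described above (one handset suddenly sending near-identical "2Gb free internet" links to many contacts, some of whom then do the same) can be detected from SMS metadata. The sketch below is an added example, not code from the article or from the analysts it cites; the record layout, the thresholds, the `http(s)` link assumption and the names `is_lure` and `find_spreaders` are all assumptions.

```python
import re
from collections import defaultdict

# Assumption: the lure link is an http(s) URL; the article does not show it.
URL_RE = re.compile(r"https?://\S+", re.I)
# Bait wording taken from the two message variants quoted in the article.
LURE_RE = re.compile(r"\b2\s*g(?:b|ig\w*)\b.*\bfree internet\b", re.I)

def is_lure(text):
    """True if the message carries a link plus the '2Gb free internet' bait."""
    return bool(URL_RE.search(text)) and bool(LURE_RE.search(URL_RE.sub(" ", text)))

def find_spreaders(records, min_recipients=3, window=600):
    """Map each sender that pushed the lure to >= min_recipients distinct
    numbers within `window` seconds to the sender it first got the lure from
    (None when no earlier lure was received, i.e. a possible seed)."""
    sent = defaultdict(list)   # sender -> [(ts, recipient)] for lure messages
    first_received = {}        # recipient -> (ts, sender) of first lure seen
    for ts, sender, recipient, text in sorted(records):
        if is_lure(text):
            sent[sender].append((ts, recipient))
            first_received.setdefault(recipient, (ts, sender))
    spreaders = {}
    for sender, msgs in sent.items():
        for i, (start, _) in enumerate(msgs):
            burst = {r for ts, r in msgs[i:] if ts - start <= window}
            if len(burst) >= min_recipients:
                src = first_received.get(sender)
                spreaders[sender] = src[1] if src and src[0] < start else None
                break
    return spreaders

# Constructed sample records: (unix_ts, sender, recipient, text)
LINK = "http://lure.example/x"
SAMPLE = [
    (1000, "A", "B", f"Click here for 2Gb free internet! {LINK}"),
    (1005, "A", "C", f"Hello, I just got 2Gb free internet from this link {LINK}"),
    (1010, "A", "D", f"Click here for 2Gb free internet! {LINK}"),
    (1100, "E", "B", "Meeting moved to 3pm"),
    (2000, "B", "F", f"Click here for 2Gb free internet! {LINK}"),
    (2003, "B", "G", f"Hello, I just got 2Gb free internet from this link {LINK}"),
    (2006, "B", "A", f"Click here for 2Gb free internet! {LINK}"),
    (2500, "C", "H", "free internet? is this real"),  # no link, not a lure
]

if __name__ == "__main__":
    for sender, source in find_spreaders(SAMPLE).items():
        print(f"{sender}: burst detected, first lure received from {source}")
```
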

This behavior was analyzed by two cyber security experts: "hoshmand", who runs the website scriptics.ir, and the manager of Webamooz. The analysis has been published on CYAXARES CHANNEL.

It is clear that developing such a virus is against the law of the Islamic Republic of Iran and of many other countries. The social engineering part is admirable and excellent, and many people can learn from it. However, this is at least the second time that num1vps, aka Pourya Emanverdi, has carried out this kind of activity, and everybody should be watchful for more similar attacks. Finally, we must remind all users of what "hoshmand", the Webamooz manager and H.BBF3.4, who reported this to ICNA, have made clear: if something looks good and you don't know why you should get it for free, it is probably not real and there is probably some kind of trap behind it. 2Gb of free internet is very nice! But we should always think about these things, and we should not click on links in messages without first checking what they are.

It is worth noting that the website the link in the messages directs to is not visible from PCs, only from mobile devices! This should also make a user think.

Lastly, to delete this malware, go to Settings, then Application Manager, find the software, and uninstall it from there. If you cannot delete it this way, you need to factory reset your phone. Please pass this news on to anybody you think may be infected, to prevent more infections.

ICNA thanks Hossein H.BBF3.4 for his contribution.
