Smishing Triad: a fraud group that steals world wealth

According to recent research by Silent Push, one of the most prominent Smishing actors is often referred to as the Smishing trilogy as a trilogy-although security researchers have called the group of Chinese language and threat companies and related companies in various ways-which has forged at least 121 countries.

In recent years, the group has used about 200,000 domains by the group, with about 187 high-levels, such as .top, .world and .vip-. Over the last 20 -day period, there have been more than 1 million views of page to scams used by Smishing Triad.

In addition to collecting names, emails, address and bank card details, websites also force people to enter one -time password or authentication codes that allow criminals to add bank cards to Apple Pay or Google Wallet and allow them to use the card on the other side.

“They have effectively transformed the modern digital wallet, such as Apple Pay or Google Wallet into the best card clinging device we have ever invented,” says Merrill.

In telegram groups associated with cyber criminal organizations, some members share photos and videos of bank cards that are added to digital wallets on iPhones and androids. For example, in a video, fraudsters are said to show dozens of virtual cards that have added to their phones.

Merrill says criminals may not pay by using cards that have added to the digital wallet, but it will probably not be long.

“When we first started this, they wait between 60 and 90 days to actually steal money from cards,” he explains. “If they wait seven days or even two days, you’ll be lucky. After colliding with the card, they hit hard and quickly.”

“Security is the main Google Wallet experience, and we have a close cooperation with card exporters to prevent fraud,” says Olivia O’Brien, Google Communications Manager. “For example, banks inform customers when their cards are added to a new wallet, and we provide signals to help exporters identify fraudulent behaviors so they can decide whether to approve the added cards.”

Apple did not respond to Wired request for comment.

The giant fraud ecosystem is part of the commercial underground scam service. The findings of the Reseculation Security Company, which has been pursuing Smishing Triad for more than two years, says the group used “bulk” texts and message services because it has expanded the number of messages sent.

Meanwhile, as numerous security researchers have noted, the Smishing Triad also uses its own software called Lighthouse to collect, manage and store personal information and card details. A video of Lighthouse software originally shared in Telegram and published by Silent Push shows how the system collects the card details.

Silent Push says the latest version of the software, updated in March this year, targets “dozens of financial brands” including PayPal, MasterCard, Visa and Stripe. In addition, the study says that Australian banking brands appear to be fake, indicating a further expansion of goals.