Infosecurity Magazine reports that almost 100,000 Android devices, most of which are in Uzbekistan, have been compromised with the novel Qwizzserial information-stealing malware as part of a new attack campaign.Qwizzserial malware has been spread by attackers masquerading as government agencies through Telegram channels purporting to be for financial aid, a Group-IB analysis revealed. Installation of the stealer then facilitates compromise of phone numbers and bank card numbers, SMS messages, Uzbek banking app information, and SIM card details, with more recent iterations of Qwizzserial observed to have included persistence. Such a malware campaign was noted by Group-IB researchers to be indicative of the continuous evolution of Classiscam-like schemes. "Threat actors are constantly adjusting their tactics to keep up with changes in user habits, security measures and platform policies. Instead of using phishing links, they now spread malicious APK files through Telegram — making the process more efficient, harder to trace and easier for new cybercriminals to join in," said Group-IB.
