Warning As Smartphone Farm Used In 100,000 Android, iPhone Attacks
Criminal hackers have found yet another way to exploit smartphone users, and it's not just about phishing campaigns or threats for hire. The latest threat campaign involves the use of "smartphone farms" – locations where hundreds or thousands of connected devices are used to automate tasks on a large scale. In this case, these farming operations are being used to send out massive amounts of phishing attacks against iOS and Android devices.
According to a recent report published on the Prodaft Catalyst cyber intelligence portal, Lucid – a Chinese phishing-as-a-service platform – has deployed these smartphone farms to carry out large-scale SMS attacks. These attacks have resulted in over 100,000 phishing attempts being sent every day. The Lucid threat actors are targeting 88 countries with their scalable, subscription-based service, primarily aiming to harvest credit card data.
The use of AI tools to make these messages sound urgent and legitimate has made them difficult for many users to spot. The operators behind Lucid have also found a way to bypass traditional SMS spam filters by leveraging Apple iMessage and Android's RCS technology. This allows them to increase delivery and success rates, making their attacks even more effective.
But what exactly are smartphone farms? Essentially, they are locations where hundreds or thousands of connected devices – primarily iPhones and Android phones – are used to automate tasks on a large scale. They can be used for advertising campaigns, inflating review ratings, or posting social media likes. However, all too often, they are also used to distribute phishing and malware attack campaigns.
Prodaft has seen evidence from Lucid itself of multiple mobile devices being used simultaneously to send out messages and harvest credit card details, all controlled from a centralized system. There is also evidence of dozens of mobile device emulators running in parallel on a single machine, each one carrying out coordinated scam operations.
Given the scale of these attacks and the advanced anti-detection and evasion techniques being used, it's clear that this threat must be taken seriously. The group behind Lucid, identified as the Chinese XinXin actors, is selling access to the platform via a Telegram channel with over 2,000 members.
iPhone users are especially at risk, with the latest iOS update (18.4) warning of these new attacks. To stay safe, users should be cautious when receiving suspicious SMS messages and never click on links or download attachments from unknown senders.
Stay Safe: Protecting Yourself From Smartphone Farm Attacks
To avoid falling victim to these smartphone farm attacks, follow these tips:
- Cause for alarm: If you receive an SMS message claiming that your account has been compromised or asking you to pay a shipping fee or toll payment, do not respond. Instead, delete the message and report it to your device's operator.
- Verify before proceeding: Always verify the sender's identity by contacting them directly through a trusted channel. Legitimate companies will never ask for sensitive information via SMS.
- Keep your software up-to-date: Regularly install operating system updates and security patches to ensure you have the latest protection against these types of attacks.
- Use strong passwords: Use unique, complex passwords for all accounts, and avoid using easily guessable information such as your name or birthdate.
By staying informed and taking these precautions, you can significantly reduce your risk of falling victim to smartphone farm attacks. Remember, the threat is real, but with awareness and caution, you can stay safe online.