Switzerland's National Cyber Security Centre (NCSC) has issued an alert about malware being spread via the country's postal service. Citizens have bee

Swiss cheesed off as postal service used to spread malware

submited by
Style Pass
2024-11-16 14:30:13

Switzerland's National Cyber Security Centre (NCSC) has issued an alert about malware being spread via the country's postal service.

Citizens have been getting cunningly crafted letters faked to look like they have been sent from the nation's Federal Office of Meteorology and Climatology. They tell recipients to scan a QR code and download a "Severe Weather Warning App" for Android, which mimics the genuine Alertswiss weather app, but is spelled "AlertSwiss" in the bogus version and has a slightly different logo than the government build.

The app, hosted on a third-party site and not the official Google Play Store, contains a variant of the Coper trojan, first discovered in July 2021. Coper specializes in keylogging, intercepting two-factor authentication SMSes and push notifications, and going after banking apps installed on a device – stealing stored credentials and other data – thus allowing it to gather up all the info needed for its operators to log into people's bank accounts and plunder them. It can also display phishing screens, it responds to instructions from command-and-control servers, and it asks for a load of permissions to get away with its skulduggery.

"It is the first time the NCSC sees malware delivery through this method," the agency told The Register. "The letters look official with the correct logo of the Federal Office for Meteorology and thus trustworthy. In addition, the fraudsters build up pressure in the letter to tempt people into rash actions."

Leave a Comment