Security researchers from D3Lab uncovered a new COVID-19 themed phishing campaign that targeting users of INPS(Italian National Institute for Social Security). To target the users of INPS the threat actors set up a fake INPS site used (“inps-it(.)top”) to trap their victims in downloading malicious application.
The application the Threat actors are tricking victims to install a malicious APK for android. The malicious APT “Acrobatreader.apk”, is a type of trojan-Banker malware which has capabilities to spy on actions of Users.
The entire report can be read on the D3Lab page: https://www.d3lab.net/campagna-di-phishing-inps-veicola-malware-android/