Chinese trojan detected spreading through fake base stations

The interestingly named "Swearing Trojan" appears to be using fake mobile base stations in China to send phishing SMS messages to fool victims.

Aloysius Low Senior Editor

Aloysius Low is a Senior Editor at CNET covering mobile and Asia. Based in Singapore, he loves playing Dota 2 when he can spare the time and is also the owner-minion of two adorable cats.

See full bio

Aloysius Low

March 22, 2017 11:07 p.m. PT

If you're heading to China, you may want to watch out for legit-looking SMS messages from local carriers China Mobile and China Telecom.

That's because the group behind the banking malware known as "Swearing Trojan" has been using fake mobile stations to masquerade as a real carrier and send phishing SMS messages that trick you into clicking on a malicious URL, according to security research group Check Point.

While there have been reports that the authors behind the malware have been arrested, Check Point said it is still detecting the spread of the malware. Once installed, Screaming Trojan intercepts your bank's 2FA passwords, giving the malware authors access to your bank account.

Besides fake mobile base stations, the malware also propagates via your contact lists, using seemingly real messages to get other victims to download the malware or fake "nude celebrity" scams to get victims to click on a malicious URL.

Virtual reality 101: CNET tells you everything you need to know about VR.

Tech Enabled: CNET chronicles tech's role in providing new kinds of accessibility.