Unforeseen threat: Malicious software could infect mobiles through SMS messages and Telegram communications
In the ever-evolving world of cyber threats, a new malware scam has been uncovered by mobile operator T2, involving SMS and Telegram. The scam, known as Qwizzserial, is masquerading as legitimate apps and is distributed via Telegram [1].
The malware, once installed, persistently requests intrusive permissions such as phone calls and SMS access, often prompting the user until granted. It then proceeds to steal critical data including bank card information, contacts, and intercepts SMS messages, especially banking notifications and large transaction alerts [1].
The stolen data is exfiltrated through Telegram bots or remote servers, enabling cybercriminals to profit through fraud [1]. To identify if your phone is targeted or infected, watch for signs such as frequent permission requests from unknown or suspicious apps, receiving One-Time Passwords (OTPs) without initiating any transaction, missing or delayed SMS alerts from your bank, and the appearance of unknown contacts labeled as “Support” or “Helpdesk” in your contacts [1][5].
To protect your phone from this scam and similar malware, T2 and security experts advise taking several precautions. Firstly, only download apps from official sources like the Google Play Store and avoid APKs or apps promoted via unofficial Telegram channels [1][5]. Secondly, carefully review permissions requested by apps; be wary of apps requesting SMS and call permissions without clear justification [1][5].
Additionally, users are urged not to click on links or download attachments from unexpected or suspicious SMS or Telegram messages. Enabling Google Play Protect and using reputable mobile antivirus software to scan and block malicious apps is also recommended [5]. Furthermore, using biometric security or app locks on banking apps adds a layer of protection [5].
Avoid relying solely on SMS-based two-factor authentication (2FA); if possible, switch to authenticator apps or hardware tokens [5]. If you receive suspicious SMS or emails purportedly from your bank that ask for sensitive information or contain links, verify their authenticity by contacting your bank through official channels before interacting [2].
If you suspect infection, immediately activate airplane mode to cut internet access. Uninstall any suspicious apps and revoke their device administrator permissions if granted. Reset your device and change all your passwords, especially for banking and financial services. Notify your bank to monitor and potentially freeze your accounts to prevent fraudulent activity [5].
Customers are encouraged to be vigilant and not click links from suspicious SMS. T2's security system analyzes millions of messages in real-time, blocking over 3.6 million such suspicious SMS monthly [3]. However, the company urges customers to report any suspicious activity [4].
These precautions, combined with vigilance towards unusual phone behavior and communications, are essential to safeguard against the newly reported SMS and Telegram malware scam targeting Android users [1][5].
References: 1. T2 Press Release 2. Banking and Finance Ombudsman Guide 3. T2 Security Report 2025 4. T2 Customer Support 5. Cybersecurity Tips for Android Users
- Staying informed about current cybersecurity issues is crucial, especially as new malware such as Qwizzserial exploits technology for fraudulent purposes like stealing sensitive data and intercepting SMS messages.
- To safeguard against such threats, it's important to follow security guidelines, including only downloading apps from official sources, carefully reviewing app permissions, avoiding clicking on links from suspicious SMS or Telegram messages, and using biometric security on banking apps, among other precautions.
