An Android malware dubbed FunkyBot has started making the scene in Japan, operated by the same attackers responsible for the FakeSpy malware. It intercepts SMS messages sent to and from infected devices. The malware uses social media to obtain the address for the command-and-control server. It uses an open source library that can be found on Github to keep the service alive on the device. The capabilities of this family are limited at the moment, FortiGuard’s Dario Durando said.
Source: https://threatpost.com/funkybot-malware-intercepts-android-texts-2fa-codes/148059/