An advanced mobile attack campaign that uses a phishing technique to steal victims credit card details and infects them with a malware that impersonates the Android Google Chrome app. Pradeos researchers qualified it as a Smishing trojan. Once installed, the fake Chrome app sends more than 2000 SMS per week from its victims’ devices, every day during 2 or 3 hours, to random phone numbers that seem to follow one another. The malware uses obfuscation techniques and calls external code to hide its malicious behaviors, hence eluding most threat detection systems.”]
Source: https://blog.pradeo.com/fake-chrome-mobile-app-smishing-trojan