E Challan Scam Going Viral on WhatsApp Hackers Stole Rs 16 Lakh Attacking Android Smartphones Heres How to Safeguard Yourself

Vietnamese hackers are targeting Indians with an Android malware campaign through fake traffic e-challan messages on WhatsApp. A team of researchers has discovered that this malware of the Wromba family has attacked more than 4,400 devices, causing fraudulent transactions worth more than Rs 16 lakh. Scammers posing as transport services or Karnataka Police trick users into downloading a fake app that steals personal information and intercepts OTPs, thereby committing financial fraud. Gujarat and Karnataka are the most affected areas.

of CloudSEK Report According to , Indians are being trapped in the new e-challan fraud. The team of researchers has discovered that Vietnamese hackers are behind this and they are carrying out this scam by sending messages on WhatsApp. Hackers are sending fake traffic e-challan messages on WhatsApp as part of a high-tech Android malware campaign. This malware belongs to the Wromba family. It has reportedly infected over 4,400 devices and led to fraudulent transactions worth over Rs 16 lakh by just one scam operator.

Threat researcher Vikas Kundu says that “Vietnamese people are targeting Indian users by sharing malicious mobile apps on WhatsApp under the pretext of issuing vehicle challans.” These scammers pretend to be transport services or Karnataka Police and send fake e-challan messages and trick people into installing a malicious app. The app works to steal personal information.

The report says that clicking on links inside WhatsApp messages downloads an Apk masquerading as a legitimate application, which users install hastily or unknowingly. Once installed, the malware gains access to contacts, phone calls, SMS messages, and takes over certain critical permissions, including the ability to become the default messaging app.

It then steals OTPs and other sensitive messages, which enables hackers to log into victims’ e-commerce accounts, purchase gift cards, and redeem them without leaving any trace. It is reported that using malware, hackers have accessed 271 gift cards, leading to transactions worth Rs 16,31,000. Gujarat has the highest number of attacks followed by Karnataka.

To protect against such malware threats, CloudSEK advises users to be cautious and install apps only from trusted sources like Google Play Store. Apart from this, users are also advised to limit app permissions and review them regularly. Users should also keep their bank apps and smartphone operating system and security patches updated to the latest version.