SMS attacks

    Malware can capture the contents of SMS messages to, for example, perform a malicious multi-factor authentication.

    The malware typically requests permissions that may seem legitimate in the context of the app, but are actually intended to access SMS messages. For example, a fake messaging app might logically request access to SMS.

    With the necessary permissions, the malware can intercept incoming SMS messages. This is particularly concerning for messages containing MFA codes, which are used as a second layer of security beyond passwords. The malware can programmatically read these messages and extract sensitive information like MFA codes without the user's knowledge.

    Defense techniques overview

    --- title: Malware clipboard attacks --- graph TD all[All malware attacks] --> steal_sms click all href "/mobile-app-security-research-center/malware/overview" "Malware overview" steal_sms[Spy on users' SMS messages] steal_sms --> mfa([2FA/MFA ⭐]) style mfa fill:lightgreen click mfa href "/mobile-app-security-research-center/malware/multi-factor-authentication" "Multi factor authentication"

    Recommended defense tactics

    We recommend using multi-factor authentication.


    Table of contents