The Lemon Group has been conducting malicious activity through 8.9 million pre-infected Android devices around the world. The Guerilla malware has been detected in over 180 countries and 50 brands of mobile phones, with the majority of infections being in the United States, Mexico, Indonesia, Thailand, Russia, South Africa, India, Angola, the Philippines, and Argentina. It was first documented in 2018 and has been evolving since then. The malware is used to steal and sell SMS messages, social media and online messaging accounts, and to generate revenue through advertisements and click fraud. It can also be used to bypass SMS-based verification and advertise virtual phone numbers. Additionally, the threat actors have been branching out to other Android-based IoT devices such as Smart TVs, Android TV boxes, entertainment systems, and children’s watches. It is believed that the malware has been modified by a third-party vendor. Microsoft security researcher Dimitrios Valsamaras has also outlined a new attack method called Dirty Stream, which uses Android share targets as a vector for distributing malicious payloads and capturing data from other apps.
Source: Hackernews
To mitigate these potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net or you can try your self using check.website.