The Ministry of Internal Affairs warned Russians about a fraudster stealing data called ClayRat

A new malicious software has appeared that disguises itself as popular applications and is able to access users' SMS messages. This was reported on October 12 in the Telegram channel of the Department for the organization of the fight against the illegal use of information and communication technologies of the Ministry of Internal Affairs of the Russian Federation.

"Experts are detecting a rapidly evolving version of the ClayRat spyware malware distributed through fake Telegram channels and phishing sites," the report says.

According to the agency, ClayRat disguises itself as such well-known applications as WhatsApp (part of Meta, the organization is recognized as extremist and banned in the Russian Federation), Google Photos, TikTok and YouTube. The malware prompts users to install the app, and then gets access to SMS messages, call logs, notifications, system data, and in some cases, cameras.

In addition, ClayRat is not limited to monitoring, it is actively spreading, automatically sending malicious links to all the victim's contacts, turning every infected phone into a distribution point.

The UBK of the Ministry of Internal Affairs urges users to download applications exclusively from trusted sources in order to avoid infection.

Lucky ticket: how scammers lure Russians into pyramids under the guise of lottery

Experts told about the new scheme of criminals

On October 12, the Russian Interior Ministry reported on the use of Telegram bots by fraudsters to deceive Russians into fake investments, promising growing income and encouraging them to invest large sums. So, attackers, using advertising and social engineering methods, convince victims of the availability of automated trading in cryptocurrencies and securities.

All important news is on the Izvestia channel in the MAX messenger.