Uncovering the Lounge Pass Scam Campaign: Targeted Android SMS Stealer Preying on Air Travellers

SUMMARY :

A sophisticated scam targeting air travelers in Indian airports has been uncovered, involving a malicious Android app called 'Lounge Pass'. The app, distributed through fake domains, intercepts and forwards SMS messages from victims' devices to cybercriminals, resulting in significant financial losses. Between July and August 2024, over 450 travelers unknowingly installed the fraudulent app, leading to a theft of more than INR 9 lakhs (approx. $11,000). The scammers exploited an exposed Firebase endpoint to store stolen SMS messages. Multiple related domains were identified spreading similar APKs. Key recommendations include downloading apps only from official stores, avoiding random QR code scanning, and never granting SMS access to travel or lounge apps.

OPENCTI LABELS :

phishing,android,financial fraud,airport scam,sms stealer,travel security,lounge pass,lounge access,mobile security


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Uncovering the Lounge Pass Scam Campaign: Targeted Android SMS Stealer Preying on Air Travellers