Date: 2024-10-26

Beware The 'Lounge Pass' Trap: Fake App Targets Air Travelers' SMS Data

New Delhi: CloudSEK’s Threat Research Team has revealed a sophisticated scam campaign targeting air travellers at Indian airports. The scam uses a fraudulent Android app named "Lounge Pass," distributed through deceptive websites like loungepass.in, which tricks travellers into downloading malware disguised as a legitimate lounge access app.

Once installed, the malicious app secretly intercepts and forwards incoming SMS messages to cybercriminal-controlled servers, leading to significant financial losses for unsuspecting users. In an exclusive chat with ETV Bharat, Anshuman Das, a Threat Researcher at CloudSEK, explained how the attackers achieved this.

“The app requests SMS permissions under the guise of legitimate functionality. Once granted, it forwards all incoming SMS messages to the attackers’ storage, where they can access sensitive data. We identified this by reverse-engineering the app and discovering the misconfigured Firebase endpoint, hardcoded into the malware,” Das said.

The research team recommends several protective measures. Users are advised to download apps only from official stores and avoid scanning random QR codes that could redirect them to malicious websites.

When downloading any travel-related or lounge access apps, it is essential not to grant SMS permissions. Instead, travellers should book lounge access only through official or trusted channels.