ETV Bharat / technology

Lounge Pass Scam: Sophisticated Android SMS Stealer Targets Air Travellers In India

A sophisticated scam targets air travellers through a malicious Android app, secretly capturing and forwarding text messages from victims' devices to scammers.

Lounge Pass Scam targets air travellers in India
Representational picture of a girl waiting at an airport lounge (ANI Photo)
author img

By ETV Bharat Tech Team

Published : 2 hours ago

Hyderabad: CloudSEK's Threat Research Team discovered a sophisticated scam targeting air travellers in India through a malicious Android app called 'Lounge Pass'. This application, once installed, secretly captures and forwards text messages from victims' devices to scammers, enabling various types of fraud and significant financial losses.

The research team used Open Source Intelligence (OSINT) investigation to identify multiple domains associated with the scam. They reverse-engineered the malicious APK to discover that the scammers had accidentally exposed their Firebase endpoint used for storing intercepted SMS messages from victims. The Threat Research Team analysed the exposed data to find that that between July and August 2024, around 450 travelers installed the malicious app, resulting in scammers stealing over Rs 9 lakhs from their victims.

CloudSEK says that the amount represents only a portion of the total damages as it includes only the documented cases linked to the exposed endpoint found in the SMS stealer code during the analysed time frame. The research team claims that the APK was downloaded via URL loungepass[.]in. Through domain analysis and passive DNS data, researchers identified several related domains spreading similar APKs, including loungepass[.]info and loungepass[.]online.

Tips to stay safe online from such Lounge Pass Scam

The research team also shared some safety tips to help users stay safe from Lounge Pass Scam, which includes the following:

  • Download lounge access apps only from trusted sources like the Google Play Store or Apple App Store
  • Verify the app publisher's name matches the official company and check user feedback and download numbers
  • Avoid scanning random QR codes at airports; confirm legitimacy with airport or lounge staff
  • Never download apps via direct APK links that bypass official app stores
  • Do not grant SMS permissions to lounge or travel apps; legitimate apps don't need SMS access
  • Book lounge access through official channels like your bank, credit card benefits, or trusted partners
  • Monitor your accounts regularly while travelling and enable banking alerts for transactions
  • Review and remove permissions for any suspicious lounge-related apps you have installed

Hyderabad: CloudSEK's Threat Research Team discovered a sophisticated scam targeting air travellers in India through a malicious Android app called 'Lounge Pass'. This application, once installed, secretly captures and forwards text messages from victims' devices to scammers, enabling various types of fraud and significant financial losses.

The research team used Open Source Intelligence (OSINT) investigation to identify multiple domains associated with the scam. They reverse-engineered the malicious APK to discover that the scammers had accidentally exposed their Firebase endpoint used for storing intercepted SMS messages from victims. The Threat Research Team analysed the exposed data to find that that between July and August 2024, around 450 travelers installed the malicious app, resulting in scammers stealing over Rs 9 lakhs from their victims.

CloudSEK says that the amount represents only a portion of the total damages as it includes only the documented cases linked to the exposed endpoint found in the SMS stealer code during the analysed time frame. The research team claims that the APK was downloaded via URL loungepass[.]in. Through domain analysis and passive DNS data, researchers identified several related domains spreading similar APKs, including loungepass[.]info and loungepass[.]online.

Tips to stay safe online from such Lounge Pass Scam

The research team also shared some safety tips to help users stay safe from Lounge Pass Scam, which includes the following:

  • Download lounge access apps only from trusted sources like the Google Play Store or Apple App Store
  • Verify the app publisher's name matches the official company and check user feedback and download numbers
  • Avoid scanning random QR codes at airports; confirm legitimacy with airport or lounge staff
  • Never download apps via direct APK links that bypass official app stores
  • Do not grant SMS permissions to lounge or travel apps; legitimate apps don't need SMS access
  • Book lounge access through official channels like your bank, credit card benefits, or trusted partners
  • Monitor your accounts regularly while travelling and enable banking alerts for transactions
  • Review and remove permissions for any suspicious lounge-related apps you have installed

For All Latest Updates

TAGGED:

ANDROID SMS STEALERLOUNGEPASS SCAM INDIAAIR TRAVEL SCAMLOUNGE PASS SCAM

Quick Links / Policies

Get Us On

ETV Bharat IOS AppETV Bharat Google App

Please write to us, for media partnership and Ad-sales inquiries. Email: adops@etvbharat.com

Featured

Exclusive | First Visuals Of Vande Bharat Sleeper Coach

The Yamuna In Delhi – The Urgent Need To Restore A Dying River

Explained: What Happens If Vikash Yadav Is Arrested In India In Pannun Assassination Plot?

Watch | How Premium African Cigars Are Made In Mozambique

ETV Bharat Logo

Copyright © 2024 Ushodaya Enterprises Pvt. Ltd., All Rights Reserved.