Malware | Bleeping Computer
8.0 — CRITICAL
CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
A new version of the CloudZ remote access tool (RAT) is deploying a previously unseen malicious plugin called Pheno that hijacks the Microsoft Phone Link connection to steal sensitive codes from mobile devices. [...]
🤖 AI Briefing: Auto-generated threat analysis
🔍Threat Overview
CloudZ malware is using the Microsoft Phone Link connection to steal SMS and OTPs by leveraging a previously unseen malicious plugin called Pheno, which hijacks the application's SQLite database without compromising the mobile device.
⚙️Technical Details
💥Impact Assessment
Severity: High
Who Is at Risk
Users of mobile devices with Microsoft Phone Link installed, particularly those using SMS-based OTP services
🛡️Recommended Actions
1. Avoid SMS-based OTP services and use authenticator apps that do not require push notifications
2. Switch to using phishing-resistant solutions such as hardware keys for sensitive information
3. Monitor for suspicious activity related to Microsoft Phone Link and CloudZ RAT
📦Affected Products
Product Name: Microsoft Phone Link
Affected Software: .NET loader, Rust-based loader
This is a curated summary. The complete article is available at Bleeping Computer.
