Operation BlackEcho: Voice Phishing Using Fake Financial and Vaccine Apps
Black Hat Asia 2025 · Day 1 · Briefings
Operation BlackEcho details a sophisticated and evolving voice phishing campaign that leverages an intricate network of fake financial and vaccine applications to defraud victims. Presented by Keniha and Jang, security researchers from the Financial Security Institute (FSI) in South Korea, this talk provides an in-depth analysis of the attackers' methods, from initial victim recruitment and malicious app distribution to advanced voice phishing tactics and the underlying server infrastructure. The research highlights a critical and persistent threat, particularly in regions like South Korea, where mobile financial transactions are prevalent and the recommendation for antivirus software creates a fertile ground for exploitation.
AI review
Operation BlackEcho delivers a critical, deep dive into a sophisticated and evolving voice phishing campaign. Keniha and Jang from FSI meticulously dissect the adversary's multi-stage Android malware, revealing a modular architecture, advanced call interception techniques, and a resilient, distributed C2 infrastructure. This isn't just another threat report; it's a forensic examination of how a highly organized criminal enterprise adapts, evades, and exploits the mobile financial ecosystem, providing invaluable, actionable intelligence for defenders struggling against persistent, high-impact…