Lounge pass" typically refers to access granted to a lounge area, often in airports, hotels, or exclusive clubs. Lounge passes are highly sought after for the comfort, amenities, and exclusive services they offer, such as Premium Comfort, Complimentary Services, Business Services and some Priority Services. So is there anything to be scared of, yes and no both, before we elaborate on a related scam .
Cybersecurity firm CloudSEK has uncovered a sophisticated scam targeting air travelers in India through a malicious Android app named Lounge Pass. The app falsely promises users exclusive access to airport lounges and unlimited amenities like food and beverages at incredibly low prices, often as low as ₹2. In reality, the app is a front for cybercriminals to steal sensitive information, including travelers' credit card details, personal data, and travel itineraries.
Scammers distributed a fake Android app, Lounge Pass, which appeared to offer legitimate access to airport lounges and exclusive benefits. The malicious Lounge Pass app was primarily circulated through WhatsApp messages, which directed users to suspicious domains. However, once users install the app, they are prompted to enter payment details to access the promised lounge benefits. Cybercriminals exploit this to harvest the users' financial information, which is then used for unauthorized transactions or sold on the dark web. Additionally, by asking for travel and destination details, the scammers gain deeper insights into the victim’s schedule, potentially facilitating further identity theft or fraud.
They also secretly capture incoming SMS messages, including sensitise information like One-Time Passwords (OTPs). By stealing these OTPs, the scammers were able to gain unauthorized access to victims' online banking accounts and other financial services, leading to potential financial theft and misuse of personal information. This scam highlights the growing threat of malicious apps and the importance of exercising caution when downloading unknown applications.
Through domain analysis and passive DNS data, researchers identified several related domains spreading similar APKs. The recent investigation revealed that between July and August 2024, over 450 travelers unknowingly installed the fraudulent app, resulting in a reported theft of more than INR 9 lakhs (approx. USD11,000). The scammers exploited an exposed Firebase endpoint to store stolen SMS messages.
The Key recommendations include downloading apps only from official stores, avoiding scanning random QR codes, and never granting SMS access to travel or lounge apps. With the message of Stay Alert and Stay Safe, we sign off for now!
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
