An article in The Register on malware caught our attention this week: According to a Kaspersky report there's been a 10X increase in Gugi malware attacks between April and August this year. The article explains Gugi is a "bank-account-raiding Trojan for smartphones". Not good.
Worse, this particular malware targets devices running Android version 6; (i,e, Marshmallow). Since version 6 added security measures to block this kind of attack it looks like the bag guys have upped their game. iPhone users would be wise to assume Gugi (or something like it) will be adapted to invade their ecosystem as well.
Here's what you need to know to protect your device: Gugi uses a spam SMS text message that says "additional rights needed to work with graphics and windows" with a button that says "Provide". Don't do it. Clicking the button allows the malware to get to your private data which will be used to try to get to your online banking info, with predictably unfortunate consequences.
Here's a link to the article for additional details: Sneaky Gugi Banking Trojan
While Gugi originated in Russia, it's rapid growth shows the threat has now expanded well beyond Russia's borders. Forewarned is forearmed.