The hacking campaign used a combination of SMS phishing and Android Trojans. This is due to the hacker initially sending deceptive SMS messages that closely resembled official ones, duping unsuspecting victims into disclosing their sensitive credentials and granting access to their banking information.
