Hackers Exploit Bug in SMS Verification Services to Infect Android Devices

The Hacker News

An analysis of SMS phone-verified account (PVA) services has led to the discovery of a rogue platform built atop a botnet involving thousands of infected Android phones, once again underscoring the flaws with relying on SMS for account validation.
SMS PVA services, since gain prevalence in 2018, provide users with alternative mobile numbers that can be used to register for other online services