- The Digital Lutera Android Exploit
What You Need to Know
A new class of Android malware called “Digital Lutera” has been discovered in the wild. Unlike older viruses that simply stole your passwords, this “System Hijacker” hooks into the phone’s operating system to intercept your SIM-card verification messages. It allows a scammer thousands of miles away to “bind” your bank account to their phone. Your phone might lose signal for a few minutes, or you might see a “SIM not provisioned” error—by the time it’s back, your accounts are drained.
What You Should Do
- The Red Flag: If your mobile signal suddenly drops or you get an unexpected “SIM Refresh” notification, treat it as an emergency.
- March 2026 Patch: Ensure your Android OS is updated to the March 2026 patch, which specifically targets these system-level vulnerabilities.
- Use an authenticator app: Users should also enable Authenticator App-based 2FA instead of SMS, as this bypasses the SIM-hijacking vector entirely.
Think you are being scammed? Call our scam hotline or email us for help:
(801)-724-6211
scamwatch@invisus.com
