Microsoft: These mechanisms, based on PSTN, are the least secure of the MFA methods today. That gap will only widen as adoption increases cybercrime’ interest.
Cisco Talos cyber security experts: The malware still attacks Australia and spreads via SMS. But latest version no longer has hardcoded package names and added a “poor man scripting engine”.
ESET's cyber security experts: Malware, in addition to data encryption, uses the victim's contact list to send SMS with malicious links. The attack, however, can be easily detected.
Sucuri cyber security experts: To lure the victims are used 2 well known social engineering techniques: impersonification and panic/bait with phishing emails.