Cybersecurity researchers have discovered a new version of a well-known Android malware family dubbed FakeCall that employs voice phishing (aka vishing) techniques to trick users into parting with their personal information.

"FakeCall is an extremely sophisticated Vishing attack that leverages malware to take almost complete control of the mobile device, including the interception of incoming and outgoing calls," Zimperium researcher Fernando Ortega said in a report published last week.

"Victims are tricked into calling fraudulent phone numbers controlled by the attacker and mimicking the normal user experience on the device."

FakeCall, also tracked under the names FakeCalls and Letscall, has been the subject of multiple analyses by Kaspersky, Check Point, and ThreatFabric since its emergence in April 2022. Previous attack waves have primarily targeted mobile users in South Korea.