Once downloaded, the malware, which has been spreading through a phishing campaign over SMS, will create fake user interfaces on the phone as an overlay on top of real apps. These interfaces ask for credit card information and then send the entered data to the hacker.