With the evolution of technology, our lives have been divided into two halves – digital and the real world. Thanks to technology, we can carry our digital existence in the palm of our hands. But what if someone was peeping into our digital lives without our knowledge or permission?
Our fear is yet again coming true with another Android spyware in the cyberworld.
What has transpired?
A new sophisticated Android malware has been spotted by researchers while impersonating the system update application to steal user and handset data, including texts, GPS data, call logs, contact lists, image and video files, and operational information, and more.
Additionally, all the stolen folders are sent to the C2 server once the victim is connected to a WIFI network. However, to ensure that users are unable to suspect that devices have been compromised, only a selected amount of data is sent to the C2 server if the victim is utilizing his mobile connection.
This matters because –
Accessibility Services are abused by this RAT to gain access to instant messenger applications. Furthermore, if the device that is used by the victim is rooted then database records can be collected by the spyware as well. Since the operators of this RAT have equipped it with advanced capabilities like time control – the RAT ensures only the most recent and relevant content is exfiltrated.
Recent Incidents –
Below are a few worrisome incidents:
- 70 fleeceware apps were discovered on the Google Playstore by researchers that have been downloaded more than 500 million times offering a profit margin of $38.5 million to its developers.
- In a nine-month-long campaign, a group of attackers exploited 11 zero-day flaws that targeted Android, iOS, and Windows.
- 10 apps were banned from the Google Playstore that consisted of droppers for financial trojans.
- The non-existent Clubhouse app for Android was impersonated by the BlackRock Trojan in an attempt to deliver malware that would steal user login info.
Needless to say, cyberattacks have become a digital norm. However, digital citizens or netizens as they are called need to put more effort into safeguarding their phones from various malware and its branches that don’t show any signs of slowing down.
To read more, please check eScan Blog