New Android malware can steal data, record audio, and send SMS messages to premium services
RedDrop has been named one of the most sophisticated pieces of Android malware
We're used to hearing about new types of bad Android malware, but a newly exposed strain may be one of the most aggressive ever found. Not only can RedDrop steal a device's photos, contacts, files, and other data, it is also able to record live audio and rack up huge phone bills for the victim.
UK-based mobile security and data management firm Wandera uncovered RedDrop on the phones of employees at several global consultancy firms. It is described as "one of the most sophisticated pieces of Android malware".
"Wandera's machine learning detections first exposed the RedDrop apps when a user clicked on an ad showing on the widely used Chinese search engine Baidu. The user was then taken to huxiawang.cn, the major distribution site for the attack," wrote the investigators.
The landing pages that follow have content that tries to encourage visitors to download one of the 53 malicious apps from within the RedDrop family. The malware's makers use a content distribution network of over 4000 domains to distribute the applications, which are disguised as calculators, image editors, language learning aids, games, and adult content.
"We believe the group established this complex CDN [content distribution network] to obscure where the malware was served from, making it harder for security teams to spot the source of the threat," added the researchers.
The RedDrop apps have malicious embedded files, which are set up so they are able to enable the malicious functionality. When installed, the malware downloads extra payloads such as APKs and JAR files from various C&C servers and stores them dynamically in the device's memory.
Each of the infected apps needs users to interact with their device. One of them, called "Cute Actress," asks players to rub the screen to reveal a seductively-dressed woman, but each time the display is rubbed, the user is unknowingly sending an SMS message to a premium-rate service. The malware even deletes all record of the messages being sent.
RedDrop can also harvest data such as local files (photos, contacts, etc.), SIM info, app and Wi-Fi info, and device details. It can also grab live audio recordings of local surroundings using a device's microphone. The data is then sent back to the attackers' Dropbox or Drive folders to use for extortion purposes or to launch further attacks.
"Not only does the attacker use a wide range of functioning malicious applications to entice the victim, they've also completed each tiny detail to ensure their actions are difficult to trace," the researchers said. "The group that built this malware has calculated it exceptionally well."
Wandera recommends disallowing third-party downloads, avoiding rooting your device, checking which permissions apps request, and using a security solution that can monitor and block C&C traffic at the device level.
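A permission check of the kind recommended above, as an added example that is not from the original article or from Wandera: it reads a decoded AndroidManifest.xml and flags the permission mix matching the behaviours reported for RedDrop. The permission-to-behaviour mapping, the risk labels, the function name and both sample manifests are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET
ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Real Android permission names, mapped (as an assumption) to the behaviours reported above.
BEHAVIOUR_PERMISSIONS = {
    "android.permission.SEND_SMS": "send SMS (premium-rate charges)",
    "android.permission.RECORD_AUDIO": "record live audio",
    "android.permission.READ_CONTACTS": "read contacts",
    "android.permission.READ_EXTERNAL_STORAGE": "read photos and files",
    "android.permission.READ_PHONE_STATE": "read SIM and device details",
    "android.permission.ACCESS_WIFI_STATE": "read Wi-Fi info",
}

def audit_manifest(manifest_xml):
    """Return the behaviour-relevant permissions an app requests and a risk label."""
    # Assumes a locally decoded manifest; use a hardened XML parser for untrusted input.
    root = ET.fromstring(manifest_xml)
    requested = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = node.get(ANDROID_NS + "name")
            if name:
                requested.add(name.strip())
    findings = {p: why for p, why in BEHAVIOUR_PERMISSIONS.items() if p in requested}
    sends_sms = "android.permission.SEND_SMS" in findings
    collectors = len(findings) - int(sends_sms)
    if sends_sms and collectors:
        risk = "high"      # SMS sending plus data collection in one app
    elif sends_sms or collectors >= 2:
        risk = "review"    # worth a manual look against what the app claims to do
    else:
        risk = "low"
    return {"package": root.get("package"), "risk": risk, "findings": findings}

# Constructed samples: a "calculator" asking for SMS, microphone and contacts,
# and an app that only needs network access.
SAMPLE_CALCULATOR = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.calculator">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
</manifest>"""
SAMPLE_BENIGN = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes">
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""

if __name__ == "__main__":
    for sample in (SAMPLE_CALCULATOR, SAMPLE_BENIGN):
        print(audit_manifest(sample))
```

A "high" or "review" label is a prompt to compare the requested permissions with what the app claims to do, not a malware verdict.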