123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Computers >> View Article

Android Nemesis Mobstspy Goes Global Via Google Play

By Author: Virus Removal Gudilines
Total Articles: 70

An Android Spyware disguised as games & utilities struck more than 100,000 victims in 196 countries before being taken out of Google Play. Detected as ANDROIDOS_MOBSTSPY & dubbed MobSTSPY, the malware initially grabbed attention when it was masqueraded as a called Flappy Birr Dog.

While it is common to find unarmed goods in third party app stores, MobSTSPY managed to infiltrate the authentic & reliable App Store i.e. Google Play with at least six different apps in 2018. These apps include:

FlashLight,
HZPermis Pro Arabe,
Win7imulator,
Win7Launcher, and
Flappy Bird
Flappy Birr Dog
These apps pose as legitimate & claim to be torches, games & tools for productivity. Some of these have seen 10,000 download from users around the world. Though malware invasion in devices is common, but what makes this case more interesting is the widespread distribution of its applications.

Among the countries where the malware is scattered include Poland, Mozambique, Thailand Iran, Mexico, Tanzania, Vietnam, Algeria,  Romania, Cambodia, Italy, Morocco, Malaysia, Kazakhstan, Germany, Iraq, Sri Lanka, Philippines, Argentina, Belarus, Saudi Arabia, the United Republic of Hungary & South Africa.

Threat Behavior of MobSTSPY
Unlike the undistinguished spyware, Mobstspy is scripted to embezzle wider range of data on the compromised devices. To evade detection and to build a strong base the malware after infiltration first detects the device’s network availability. It then reads and parses an XML configure file from its C&C (command and control server) hence registering the device.

It is observed that the malware leveraged Firebase Cloud Messaging (FCM) to communicate with the C&C server & depending on the command received it steals & transfers the data to the threat actors.

The threat behavior of Mobstspy can be categorized into two:

Information Stealer: The nasty android infection lines its pockets with important user data like user location, text messages, call logs, contact lists, clipboard items & instance  downloaded files on android devices. It also collects device information like its registered country, language used, package name, device manufacturer & so on to keep a track of devices for future social engineering attacks. The collected information is sent to C&C server via FCM.
Phishing Aspect: In addition to info-stealing capabilities, malware is scripted to steal credentials of prominent social networking sites by displaying phishing screen. For instance, forged Facebook and Google login screens are displayed to trick users to enter the credentials. When the user provides the username & password, it returns an unsuccessful login message, but the credentials have already been stolen.
Read More :- Click here

More About the Author

Virus Removal Guidelines is a web portal that is committed to offer you with the best guides and removal tools for all your malware and virus infection issues. It is our desire to create awareness towards the various threats that roam the World Wide Web. We want to ensure that we have a future where every user is guaranteed to have better portal security and an efficient browsing experience. http://www.virusremovalguidelines.com/

Total Views: 28Word Count: 388See All articles From Author

Computers Articles

1. Top 5 Reasons Why You Should Rent Laptops And Computers
Author: vinod PJ

2. Auto Invoice Delivery – Progressing Towards A Paperless Future
Author: Jesse Chris

3. 6 Best Guitar And String Instrument Tuners
Author: Devin Smith

4. 6 Best Hi-tech Equipment For Skiers In 2019
Author: Devin Smith

5. Door Hanger Printing
Author: Maxwinn

6. Note Pad Printing
Author: Mamwinn

7. What Are The Key Benefits Of The Global Edge Computing Market?
Author: Andrew Thomas

8. Microsoft Office 365 Users To Have Smarter Malware Protection
Author: James Smith

9. Harry Potter Wizards Unite Features Rpg With Pokemon Go
Author: Devin Smith

10. Fortnite: New Patch Includes The Baller Vehicle
Author: Devin Smith

11. Apex Legends: 355,000 Players Banned For Cheating
Author: Devin Smith

12. Enable Firewall To Secure Your Devices With Mcafee Web Security
Author: John mayer

13. The Best Monitor Swing Arm Desk Mount Just Got Leaked, And Its Called Neckdoctor
Author: Monitor brands

14. Why Computer Recycling Today Is A Great Idea
Author: Jill Clevenger

15. Things To Consider Before Buying Laptops For Business
Author: Corpkart

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: