ALL >> Computers >> View Article
Android Nemesis Mobstspy Goes Global Via Google Play
An Android Spyware disguised as games & utilities struck more than 100,000 victims in 196 countries before being taken out of Google Play. Detected as ANDROIDOS_MOBSTSPY & dubbed MobSTSPY, the malware initially grabbed attention when it was masqueraded as a called Flappy Birr Dog.
While it is common to find unarmed goods in third party app stores, MobSTSPY managed to infiltrate the authentic & reliable App Store i.e. Google Play with at least six different apps in 2018. These apps include:
HZPermis Pro Arabe,
Flappy Birr Dog
These apps pose as legitimate & claim to be torches, games & tools for productivity. Some of these have seen 10,000 download from users around the world. Though malware invasion in devices is common, but what makes this case more interesting is the widespread distribution of its applications.
Among the countries where the malware is scattered include Poland, Mozambique, Thailand Iran, Mexico, Tanzania, Vietnam, Algeria, Romania, Cambodia, Italy, Morocco, Malaysia, Kazakhstan, Germany, Iraq, Sri Lanka, Philippines, Argentina, Belarus, Saudi Arabia, the United Republic of Hungary & South Africa.
Threat Behavior of MobSTSPY
Unlike the undistinguished spyware, Mobstspy is scripted to embezzle wider range of data on the compromised devices. To evade detection and to build a strong base the malware after infiltration first detects the device’s network availability. It then reads and parses an XML configure file from its C&C (command and control server) hence registering the device.
It is observed that the malware leveraged Firebase Cloud Messaging (FCM) to communicate with the C&C server & depending on the command received it steals & transfers the data to the threat actors.
The threat behavior of Mobstspy can be categorized into two:
Information Stealer: The nasty android infection lines its pockets with important user data like user location, text messages, call logs, contact lists, clipboard items & instance downloaded files on android devices. It also collects device information like its registered country, language used, package name, device manufacturer & so on to keep a track of devices for future social engineering attacks. The collected information is sent to C&C server via FCM.
Phishing Aspect: In addition to info-stealing capabilities, malware is scripted to steal credentials of prominent social networking sites by displaying phishing screen. For instance, forged Facebook and Google login screens are displayed to trick users to enter the credentials. When the user provides the username & password, it returns an unsuccessful login message, but the credentials have already been stolen.
Read More :- Click here
Virus Removal Guidelines is a web portal that is committed to offer you with the best guides and removal tools for all your malware and virus infection issues. It is our desire to create awareness towards the various threats that roam the World Wide Web. We want to ensure that we have a future where every user is guaranteed to have better portal security and an efficient browsing experience. http://www.virusremovalguidelines.com/
Computers Articles1. What Benefits Do Customer Sentiment Analysis Can Garner For Businesses?
Author: Oliver Moore
2. What Is App-ads.txt
3. How Can You Set Up Your Netgear Router's Password?
Author: Netgear Support
4. Secure Cloud Storage Solutions In Canada
5. Asterisk Development Influenced Industry Verticals
Author: sandip Patel
6. How To Fix The Service Battery Warning On Mac?
Author: jaxson harry
7. How To Keep Your Apple Id Secure And Protected
8. How To Keep Using Time Machine When The Airport Time Capsule Is Disconnected?
9. Service Joy Gogek Clone
10. How To Adjust Windows Sleep Settings?
Author: Elina John
11. How To Activate And Use Remote Connections On Your Pc?
Author: Elina John
12. Manage Your Business With Erp Software
13. Canon Printer Error State Windows 10
Author: Erica Turner
14. Effect Of Antivirus Software On The Device
15. Cisco Switch
Author: Zorins Technologies