Connect with us

Hi, what are you looking for?

Android

Kaspersky Lab identifies targeted attack utilizing malware for Android devices

Kaspersky Lab, a leading developer of secure content and threat management solutions, has announced that it detected a new targeted attack against Uyghur activists.

Kaspersky Lab, a leading developer of secure content and threat management solutions, has announced that it detected a new targeted attack against Uyghur activists which, for the first time, is based on a malicious program for Android-based mobile devices.

AndroidThe attack is designed and performed in a similar manner as numerous other attacks on Uyghur and Tibetan activists, but instead of relying on exploit-rigged DOC, XLS or PDF documents for Windows-based computers or Macs, it targets mobile devices.

The Android malware used in the new attack steals private data from infected smartphones, including the address book and messaging history, and sends it to a command and control server.

This attack is believed to be the first of this kind utilizing fully functional Android malware and specifically targeting mobile devices of potential victims.

The attack took place at the end of March 2013 and started with the hacking of an email account belonging to a high-profile Tibetan activist. The attackers used this account to send ‘spear-phishing’ emails to his contact list.

Advertisement. Scroll to continue reading.

The malicious messages targeted Mongolian, Chinese, Tibetan and Uyghur political activists, and had attached an .APK file containing a malicious program for Android devices.

Investigation of this malware performed by Kaspersky Lab’s experts revealed that it was most likely designed by Chinese-speaking authors, judging by comments in the code and certain characteristics of the command and control server.

Costin Raiu, Director, Global Research & Analysis Team said, “Until now we have not seen targeted attacks against mobile devices in the wild, although there were signs that attackers were interested and experimenting in this field.”

He also said “This particular attack utilizes a fully featured Trojan aimed at stealing private data from a targeted group of victims. The attackers have so far used social engineering to trick the victims into installing the app. However, we believe that in the future such attacks will exploit vulnerabilities in mobile software, or a combination of techniques.”

Kaspersky Lab’s protection solutions for Android-based mobile devices – Kaspersky Mobile Security and Kaspersky Tablet Security – detect and block the malware used in this targeted attack as Backdoor.AndroidOS.Chuli.a.

Advertisement. Scroll to continue reading.

The malware is also blocked by the new corporate solution, Kaspersky Security for Mobile, available as part of company’s broad business security offering. Learn more about how Kaspersky Lab protects business data on mobile devices and addresses the emerging BYOD trend in this whitepaper.

A detailed report by Kaspersky Lab experts is available at Securelist.com: http://www.securelist.com/en/blog/208194186/Android_Trojan_Found_in_Targeted_Attack

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

Kaspersky has detected and blocked over 13 million web threats from its security solutions for businesses in Southeast Asia (SEA). Historical data from the...

HEADLINES

Kaspersky has been at the forefront of raising awareness about cybercrimes and empowering individuals and organizations to protect themselves.

White Papers

46% of geo-distributed companies encountered network problems between one and three times per month, while 13% stated they experienced network challenges every week. The...

White Papers

Kaspersky’s latest white paper revealed that 7 in 10 educators would rather use mobile data than a public network as a precautionary measure. However,...

HEADLINES

The data indicated a staggering 30% global increase in the number of these groups compared to 2022, accompanied by a 71% surge in known...

HEADLINES

Kaspersky experts are providing essential tips to enhance password security, ensuring that users data stays out of the hands of attackers.

HEADLINES

From the period of January to December 2023, a total of 61,374,948 Bruteforce.Generic.RDP. were detected and foiled by Kaspersky B2B products installed in companies...

HEADLINES

Experts from the global cybersecurity company insist on organizations, regardless of shape and size, to beef up their IT security posture as ransomware, especially...

Advertisement