Holiday Themed Apps Hiding Malware
Posted by: Timothy Weaver on 12/26/2015 11:07 AM
CloudSek CTO Rahul Sasi claimed that a group calling itself the “Santa-APT” is hiding information-stealing malware inside Santa and other Christmas-themed mobile apps.
“Given the type of documents the attackers are seeking, it was collecting classified data from software companies and government organisations,” Sasi explained. The group was first spotted selling desktop malware on underground forums.
Once the malware grabs files and screenshots, it sends the data to a command-and-control (C&C) center in Germany. CloudSek also discovered unused folders for keylogs and voice recordings, hinting that the trojan may still be in development.
The group is actively looking for app developers and is pushing out Christmas-themed mobile games loaded with malware. The info is then sent back to the same C&C servers in Germany.
The apps are designed to steal a variety of info including contacts, SMS, call records, location info, calendar, photos, and browser history.
“This Christmas make sure you think about security before installing an app,” he warned.
“Verify the permissions you are granting an application before accepting them. Ensure that an application has enough legitimate reviews. And last but not the least, do not let someone else install any application on your official/personal devices.”
Source: InfoSecurity