Malware Found on Google Play
Posted by: Timothy Weaver on 09/21/2016 10:35 AM
[
Comments
]
Google Play is continuing to host malware. Just recently, Google Play had to remove four apps that were distributing a new form of malware dubbed Overseer.
If a victim downloaded the app, the malware will steal personal information including, user's name, cell number, email address and contacts, the victim's exact location, network ID, internal and external memory, phone type, permissions and more, according to researchers Michael Flossman and Kristy Edwards with Lookout Security.
One of the apps was an embassy finder that would target foreign travelers. Also acting as news app, the apps were designed to spread Overseer.
What caught the researchers attention was that the malware uses Facebook's Parse Server hosted on Amazon Web Services for command and control purposes.
“This allows it to remain hidden because it doesn't cause Overseer's network traffic to stand out and could potentially present a challenge for traditional network-based IDS solutions to detect,” the researchers said.
Source: SCMagazine
If a victim downloaded the app, the malware will steal personal information including, user's name, cell number, email address and contacts, the victim's exact location, network ID, internal and external memory, phone type, permissions and more, according to researchers Michael Flossman and Kristy Edwards with Lookout Security.One of the apps was an embassy finder that would target foreign travelers. Also acting as news app, the apps were designed to spread Overseer.
What caught the researchers attention was that the malware uses Facebook's Parse Server hosted on Amazon Web Services for command and control purposes.
“This allows it to remain hidden because it doesn't cause Overseer's network traffic to stand out and could potentially present a challenge for traditional network-based IDS solutions to detect,” the researchers said.
Source: SCMagazine
Comments
