Wednesday 28 February 2018

Researchers Warn Of Android Malware RedDrop



Security researchers warn of a new type of malware for Android phones called RedDrop. Attackers can not only steal a large amount of information from an infected smartphone; the malware can also record audio, take photos and send premium SMS messages.

Security company Wandera has analysed the new malware and found that RedDrop is embedded in at least 53 Android apps. When one of these infected apps is opened, at least seven additional APKs are installed in the background, each with malicious functions.


The spyware components collect all kinds of information about the user and send it to a Dropbox account belonging to the attacker. The collected data includes local files such as photos, live sound recordings, device and SIM information (IMEI, IMSI, MNC, MCC), and information from the application and from Wi-Fi networks in the area.

In addition, when a user uses the infected app, a text message is sent to a payment service in the background and is then immediately deleted to prevent discovery.

The creators of RedDrop use a content distribution network with more than 4000 domain names to distribute the malware. The researchers suspect that the extensive redirection to these domains is meant to hide the source of the malware as well as possible.

[Figure: Malware infection chain]



According to Michael Covington, VP Product Strategy at Wandera, this is very sophisticated malware. "The criminals very cleverly offer a seemingly handy app that performs all sorts of complex malicious activities in the background. The attacker not only uses a wide range of malicious applications to tempt the victim, they have also perfected every little detail to ensure that their actions are difficult to trace. This is one of the more persistent malware variants we've seen."
