Israeli Citizens are the Primary Target of New Android Mobile Spying Campaign Using ViceLeaker Malware, says Kaspersky.
Kaspersky Lab researchers discovered an Android malware campaign active since 2016 and still going strong. Dubbed ViceLeaker; researchers claim that it is the product of a group of hackers that is specifically targeting Middle Eastern and Israeli citizens.
ViceLeaker campaign utilizes the notorious surveillance malware called Triout, and Kaspersky researchers detected it for the first time in May 2018. It is worth noting that Bitdefender also reported about the campaign in one of their recent blog posts, therefore, Kaspersky isn’t the only firm to have detected the malware campaign.
See: This malware turns itself into ransomware if you try to remove it
Initial analysis revealed that hackers were targeting “dozens of mobile Android devices belonging to Israeli citizens.” The spyware sensors used by Kaspersky detected attack signals from the device belonging to one of the victims along with the hash of an Android application (APK) involved in the attack.
Attribution flow of the malware (Screenshot: Kaspersky)
Researchers then tagged a sample of their own to inspect further and discovered that the APK’s inner functionalities included launching a malicious payload, which was already embedded in the APK’s original coding.
This means, it was a customized spyware program developed to extract sensitive data. To disassemble the original application’s code and add the malicious one, attackers ha ..
Support the originator by clicking the read the rest link below.
