The two apps have advanced permissions that allow them to hide their icons from the general view to make their uninstallation harder. Operating system version number, which can lead to vulnerable system exploit like the Pegasus spyware did.Media compiled in the application: Pictures, audio and video contents.The two apps have a large number of users but no reviews, a circumstance that suggests the threat actors used an install farm or mobile device emulators to fake those numbers to increase the rank of the apps in the store. The researchers noticed that both app perform more than a hundred transmissions of the collected data, which is unusual for modern spyware. The two apps have been designed to steal a broad range of information, including users’ contact lists, media files (Pictures, audio and video contents), real-time location, mobile country code, network provider name, network code of the SIM provider, operating system version, device brand, and model. ![]() ![]() We have alerted Google of the discovery before publishing this alert.” reads the analysis published by Pradeo. “They are programmed to launch without users’ interaction, and to silently exfiltrate sensitive users’ data towards various malicious servers based in China. The first app named “File Recovery and Data Recovery” () has over 1 million installs, and the second one named “ File Manager ” (.gkd) has over 500,000 installs.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |