BACKGROUND:
Researchers at the Lookout Threat Lab provide a highly detailed review of new rooting malware distributed in fully functioning apps offered on Google Play, the Amazon Appstore and the Samsung Galaxy Store. They are calling the malware “AbstractEmu” “after its use of code abstraction and anti-emulation checks to avoid running while under analysis.” The malware leverages recent CVEs from 2019-20 to allow access to a wide variety of hardware and uses quite sophisticated methods to confirm each device type to avoid detection. A very interesting 5 min read.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.