BACKGROUND:

Researchers at the Lookout Threat Lab provide a highly detailed review of new rooting malware distributed in fully functioning apps offered on Google Play, Amazon App store and the Samsung Galaxy store. They are calling the malware “AbstractEmu” “after its use of code abstraction and anti-emulation checks to avoid running while under analysis.” The malware leverages recent CVE’s from 2019-20 to allow access to a wide variety of hardware and uses quite sophisticated methods to confirm each device types to avoid detection.  A very interesting 5 min read.

Experts Comments

November 01, 2021
Doug Britton
CEO
Haystack Solutions

AbstractEmu is a sophisticated and far-reaching malware. Exploiting a chipset vulnerability can allow a hacker to read/write physical memory. As a result, this can allow modification of user privilege. This is a fundamental piece of hardware to hundreds of thousands, even millions of devices. This combined with other highly technical exploits makes AbstractEmu a significant vulnerability. As hackers grow their capabilities and power, we need to ensure we invest in the next generation of cyber

.....Read More

AbstractEmu is a sophisticated and far-reaching malware. Exploiting a chipset vulnerability can allow a hacker to read/write physical memory. As a result, this can allow modification of user privilege. This is a fundamental piece of hardware to hundreds of thousands, even millions of devices. This combined with other highly technical exploits makes AbstractEmu a significant vulnerability. As hackers grow their capabilities and power, we need to ensure we invest in the next generation of cyber professionals. This is the best long-term defense to combat the rise of malware and bad actors that are quickly becoming the biggest threat to an increasingly digital economy. We have the technology to find this talent, we need to move quickly and get them into the fight.

  Read Less
November 01, 2021
Saryu Nayyar
CEO
Gurucul

If you thought your phone was safe from malware, think again. There is a rootkit for Android that is already on a number of apps in Google Play, Amazon Appstore, and the Samsung Galaxy store. There are a number of commands that the rootkit can execute, depending on the circumstances.

Phones are increasingly being targeted for attacks, in large part because of the sheer number of devices in active use. Users have to take the same care with their phones that they do with their traditional

.....Read More

If you thought your phone was safe from malware, think again. There is a rootkit for Android that is already on a number of apps in Google Play, Amazon Appstore, and the Samsung Galaxy store. There are a number of commands that the rootkit can execute, depending on the circumstances.

Phones are increasingly being targeted for attacks, in large part because of the sheer number of devices in active use. Users have to take the same care with their phones that they do with their traditional computers, and be wary of installing unknown or unusual apps, and looking for different behaviors as they use their phones. Enterprises who provide phones to employees have to be able to monitor those devices for unusual activity.

  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.