Threat Actors Pivot to Find New Ways to Exploit Mobile Devices, Says Expert

Security researchers have uncovered a batch of Google Play apps that stole users’ text messages and made unauthorized purchases on users’ dime.

The malware, which was hidden in eight apps that had more than 700,000 downloads, hijacked SMS message notifications and then made unauthorized purchases, McAfee mobile researchers Sang Ryol Ryu and Chanung Pak said Monday. McAfee is calling the malware Android/Etinu. The researchers said an investigation of the attacker-operated server that controlled infected devices showed it stores all kinds of data from users’ phones, including their mobile carrier, phone number, SMS messages, IP address, country, and network status.

Experts Comments

April 21, 2021
Kristina Balaam
Senior Security Intelligence Engineer
Lookout

As users become more security conscious and fewer devices run older versions of Android, we're seeing threat actors pivot to find new ways to exploit these devices. Taking advantage of the Notification Listener is one clever pivot. Abusing Accessibility Services, downloading malicious payloads to previously clean applications, dynamically loading encrypted executables that masquerade as image assets – these are all additional ways malware authors have become more creative when faced with a

.....Read More

As users become more security conscious and fewer devices run older versions of Android, we're seeing threat actors pivot to find new ways to exploit these devices. Taking advantage of the Notification Listener is one clever pivot. Abusing Accessibility Services, downloading malicious payloads to previously clean applications, dynamically loading encrypted executables that masquerade as image assets – these are all additional ways malware authors have become more creative when faced with a shrinking Android vulnerability landscape. There are dozens of other examples, and we’re going to see this list continue to grow.

  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.