Threat Actors Pivot to Find New Ways to Exploit Mobile Devices, Says Expert

By   ISBuzz Team
Writer , Information Security Buzz | Apr 21, 2021 04:20 am PST

Security researchers have uncovered a batch of Google Play apps that stole users’ text messages and made unauthorized purchases on users’ dime.

The malware, which was hidden in eight apps that had more than 700,000 downloads, hijacked SMS message notifications and then made unauthorized purchases, McAfee mobile researchers Sang Ryol Ryu and Chanung Pak said Monday. McAfee is calling the malware Android/Etinu. The researchers said an investigation of the attacker-operated server that controlled infected devices showed it stores all kinds of data from users’ phones, including their mobile carrier, phone number, SMS messages, IP address, country, and network status.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Kristina Balaam
Kristina Balaam , Senior Security Intelligence Engineer
April 21, 2021 12:22 pm

<p>As users become more security conscious and fewer devices run older versions of Android, we\’re seeing threat actors pivot to find new ways to exploit these devices. Taking advantage of the Notification Listener is one clever pivot. Abusing Accessibility Services, downloading malicious payloads to previously clean applications, dynamically loading encrypted executables that masquerade as image assets – these are all additional ways malware authors have become more creative when faced with a shrinking Android vulnerability landscape. There are dozens of other examples, and we’re going to see this list continue to grow.</p>

Last edited 2 years ago by Kristina Balaam

Recent Posts

Would love your thoughts, please comment.x