
KevDroid Android Malware Records Audio, Harvests Sensitive Data

A new piece of Android malware has been discovered. Dubbed KevDroid, the malware is being distributed in the form of a fake anti-virus application called Naver Defender. KevDroid is in fact a remote administration tool that steals sensitive data from infected devices. However, the malware is also capable of recording phone calls.

KevDroid Android Malware Technical Details

KevDroid was first discovered by ESET researchers, and later it was analyzed by Cisco Talos.

Talos identified two variants of the Android Remote Administration Tool (RAT). Both samples have the same capabilities, namely to steal information on the compromised device (such as contacts, SMS and phone history) and record the victim’s phone calls.


One variant of the malware has been detected to leverage a known Android exploit (CVE-2015-3636) in order to get root access on the compromised Android device, the researchers said in their detailed analysis. In addition, data collected by both variants was sent via HTTP POST to a unique command and control server. The ability to record calls has been implemented based on an open-source project available on GitHub.

Researchers are not sure yet who is behind the malware campaign. However, according to South Korean media coverage, the KevDroid malware may be linked to the North Korean state-sponsored group known as Group 123, which is behind cyber espionage campaigns.

The current list of malicious capabilities that KevDroid has includes recording phone calls and audio data, stealing web history and files, obtaining root access, stealing call logs, SMS and e-mails, collecting the device’s location every 10 seconds, and harvesting the list of all installed applications.
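As a defender-side triage for the capability list above, the following added example (not from the article or the Talos analysis) checks a decoded AndroidManifest.xml for the permission combination such a tool would have to request. The permission mapping, the threshold and the sample manifests are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumed mapping (not from the Talos report): permissions an app would
# normally need to request for each capability the article lists.
CAPABILITY_PERMISSIONS = {
    "record calls/audio": {"android.permission.RECORD_AUDIO"},
    "read SMS": {"android.permission.READ_SMS"},
    "read contacts": {"android.permission.READ_CONTACTS"},
    "read call logs": {"android.permission.READ_CALL_LOG"},
    "track location": {"android.permission.ACCESS_FINE_LOCATION",
                       "android.permission.ACCESS_COARSE_LOCATION"},
}
NETWORK = "android.permission.INTERNET"  # needed for the HTTP POST upload

def requested_permissions(manifest_xml):
    """Return permission names declared in a decoded AndroidManifest.xml."""
    root = ET.fromstring(manifest_xml)
    tags = ("uses-permission", "uses-permission-sdk-23")
    return {el.get(ANDROID_NS + "name") for tag in tags
            for el in root.iter(tag) if el.get(ANDROID_NS + "name")}

def triage(manifest_xml, threshold=4):
    """Flag apps that can reach the network and cover >= threshold capabilities."""
    perms = requested_permissions(manifest_xml)
    caps = sorted(c for c, need in CAPABILITY_PERMISSIONS.items() if perms & need)
    return {"capabilities": caps,
            "suspicious": NETWORK in perms and len(caps) >= threshold}

def _manifest(package, perms):
    # Build a constructed manifest for the demo; not taken from a real sample.
    lines = "".join(f'<uses-permission android:name="android.permission.{p}"/>'
                    for p in perms)
    return (f'<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
            f'package="{package}">{lines}</manifest>')

FAKE_AV = _manifest("com.example.fakeantivirus",
                    ["INTERNET", "RECORD_AUDIO", "READ_SMS", "READ_CONTACTS",
                     "READ_CALL_LOG", "ACCESS_FINE_LOCATION"])
VOICE_MEMO = _manifest("com.example.voicememo", ["INTERNET", "RECORD_AUDIO"])

if __name__ == "__main__":
    for name, xml in (("fake AV", FAKE_AV), ("voice memo", VOICE_MEMO)):
        print(name, triage(xml))
```

A variant that gains root can bypass the permission model, so a clean result from a check like this is inconclusive rather than a sign the app is safe.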

What Are the Consequences of a KevDroid Infection?

If attackers were successful in obtaining some of the data the malware is capable of harvesting, it could result in a number of issues for the infected user, researchers said.

Since mobile phones are used in nearly all activities, they contain tons of sensitive and personally identifiable data, such as photographs, passwords and banking information. An infection with KevDroid could result in the leakage of data, which inexorably could lead to a number of outcomes.


Depending on the victim’s status (such as corporate user), the result of this infection could even lead to the kidnapping of a loved one, blackmail by using images or secretive information, credential harvesting, multi-factor token access (SMS MFA), banking/financial implications and access to privileged information via emails/texts, researchers warned. Many users access their corporate email via mobile devices.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
