Image credit: Wikinotica
As much as we would rather not report on yet another Android malware scare (we think security issues are overblown and that any platform is vulnerable, anyway), this one seems to be a first in the Android ecosystem. Security researchers have discovered what may be the first targeted Android malware attack, which is basically a smartly-crafted social engineering attack that specifically targeted a Tibetan activist, with the intent of spreading itself through the target’s contacts, thereby gaining access to their devices and information.
According to Russian security company Kaspersky Labs, hackers broke into the victim’s email account and distributed Android malware to this person’s contact list. The malware did the following:
According to Kaspersky, the server is located at a Los Angeles-based data center, and the box actually hosts other Android malware. The server hosts a web-based interface that gives hackers remote-control access to their “slave” smartphones. The fact that the UI is in Chinese is probably indicative of the source of the attacks. The server’s IP address is actually registered to a Chinese company in Beijing.
Cyber-warfare is deemed to be the next frontier in warfare, which is why even the US government is actually beefing up its security assets. This even includes hiring talented hackers straight out of school, in the hope of improving both offensive and defensive capabilities. Meanwhile, restrictive regimes are likely to want to keep tabs on their supposed “enemies of the state.” And because data contained in smartphones will usually contain potentially incriminating contact lists, messages and even location data, this makes the targeted attack all the more effective.
True enough, Android malware won’t eat your children, but this doesn’t mean you can go ahead and be carefree or careless with the apps you install. This especially goes if you know you have enemies (online or otherwise), and you have information to protect.
Like this post? Share it!
This is not the first time and wont be the last either by the CCP todo something like this.China will never become a respected super power nation due to poor behavior. Chinese govt. think they are smart, they don’t realize how stupid it makes them look doing these things. The communist party will come to an end for sure.
Like it’s only China’s communist party doing this?
So in order to be affected by this, the victims would have had to
1) Allow third party apps, ignoring a warning that this could expose them to malware.
2) Click on a file in email that had an APK extension, ignoring another warning that this could expose them to malware.
3) Ignore a request for permissions from a suspicious untrusted app that wanted access to the user’s contact list, existing SMS messages, call logs, geo-location data, internet access and permission to send SMS even though there should have been no reason for it to need any of these permissions?
Yeah, obviously viruses are a huge problem in the Android environment.