Hackers are using these fake Android apps to spy on Israeli soldiers.
All the fake Android apps that researchers have discovered install ViperRAT, Desert Scorpion or FrozenCell malware on victims' devices; this malware can take photos and record audio.
They found ViperRAT malware incorporated into two apps; these apps targeted members of the Israeli Defense Force. Another app uses two malware types, named Desert Scorpion and FrozenCell, to spy on targets in Palestine.
ViperRAT apps focus on social networking and chat. After installation, they would profile the device and try to download a second-stage surveillance component.
Meanwhile, the Desert Scorpion app also uses a second-stage payload that downloads malicious components when a user interacts with the app. That component gains almost unfettered access to the device; it can grab device metadata, track a user's location, send messages, and record surrounding audio, calls, and video.
As you can see, nothing is safe in the digital world; cybersecurity is a must nowadays. To stay safe and secure in cyberspace, install an antivirus for Android, an antivirus for Windows or an antivirus for Mac, depending on which OS your device runs.
Companies must also remember that professional, legitimate cybersecurity firms offer good cybersecurity packages that can be used to test your company's network integrity by running various tests, such as penetration tests and ethical hacking tests.
The advanced persistent threat group known as APT-C-23 is suspected to be behind this malware.
This group has been around since 2015; it is made up of "highly active" hackers who are linked to Hamas.
In both cases, the actors behind the malicious apps used phishing techniques to trick victims into downloading the apps.
The campaigns are so effective because all the apps are downloaded from Android's official app store, Google Play.
Malware analysis of the Desert Scorpion app showed that the malicious component was not included in the app when it was submitted to Google Play. Rather, it was downloaded later, when the user was interacting with the app.
The Desert Scorpion app was installed more than a hundred times, and ViperRAT apps had about a thousand combined installs.
After the discovery, Google removed the apps from the app store.
All devices must be protected by the best cybersecurity solution, such as an antivirus, so install an antivirus for Android, an antivirus for Windows or an antivirus for Mac, depending on which OS your device runs. Companies should verify their networks twice a year by hiring professionals to do a penetration test and various ethical hacking tests.