Today cybersecurity experts have a new Android malware strain that has strong connections with Russia’s GRU.
During a malware analysis, it was found that the spyware named Monokle, is capable of stealing all your personal information and send it back to hacker’s owned command-and-control servers. The most terrifying aspect of this malware is that it doesn’t need root access to collect your personal information. The malware has a unique set of assets. It can modify the Android device’s trusted root certificate, capture the screen unlock sequence, capture the auto-complete dictionary, and many other powerful sping things.
Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;
Monokle seems to be developt by STC – a Russian government friend company – that is also known for developing an Android antivirus software, which surprisingly has the same infrastructure as Monokle.
In the wild Monokle was observed targeting very specific individuals, for now, it is believed that the Russian hackers used the tool to spy high-value targets only. But this doesn’t mean that the tool can’t be used in a variety of ways that can affect you, starting today!
In order to be safe in front of this kind of cyber threats please follow these specific steps:
- never install apps from untrusted sources or from unknown third-party sources
- install mobile antivirus
We would continue to monitor the cybersecurity world. Meanwhile, users should keep a keen eye out for any cyber-attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.