Three applications published on the PlayStore hide malware that allows collecting information from infected devices, including location and the contact list. These suspicious malware applications are published by the developer “SecurITY Industry”.
The total downloads barely reach 100, which suggests that these applications are used to carry out targeted attacks. The applications request permissions such as access to location and the contact list. The collected data is stored in system directories.
The researchers from Cyfirma, authors of this investigation, creen que los atacantes han abandonado las técnicas de phishing por correo electrónico en favor de ataques directos por mensajería instantánea usando WhatsApp y Telegram.
Fountain: Bleeping Computer