First targeted trojan attacks hit Android


A spear-phishing attack serving malware over Android has been detected, the first of its kind according to Kaspersky Lab.

The Android trojan app was sent via email to Uyghur activists and advocates using a hijacked email account belonging to a high-profile Tibetan activist.

Costin Raiu, Kurt Baumgartner and Denis Maslennikov said in a blog post that it indicated a new style of attack that exploited trusted relationships.

“It is perhaps the first in a new wave of targeted attacks aimed at Android users,” the researchers said.

"So far, the attackers relied entirely on social engineering to infect the targets. History has shown us that, in time, these attacks will use zero-day vulnerabilities, exploits or a combination of techniques."

In a style typical of such activist attacks, executing the attachment dropped both a legitimate file -- a letter -- and a backdoor that confirmed the infection to a command-and-control (C&C) server.

The infected device would then send out data including phone and SIM contacts; call logs; SMS messages; geolocation data; and phone data such as the phone number, OS version, device model, and SDK version.

Most attacks against Uyghurs target Windows machines through Word documents exploiting known vulnerabilities (CVE-2012-0158, CVE-2010-3333, CVE-2009-3129).

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, UK edition