- V3 Apps
Kaspersky Lab has detected a new mobile malware variant being used against Tibetan activists, warning it is only a matter of time before European crooks adopt the evolved attack method.
The Russian security firm reported uncovering the atypical attack method in a blog post on Tuesday.
"Several days ago, the email account of a high-profile Tibetan activist was hacked and used to send targeted attacks to other activists and human rights advocates," wrote Kaspersky Lab researcher Kurt Baumgartner.
"Perhaps the most interesting part is that the attack emails had an APK attachment - a malicious program for Android."
The malware is reportedly spread using a spear phishing campaign that attempts to dupe its victims into downloading an infected Android app. Once on the device the app collected and sent out information stored on the phone.
Similar, less sophisticated, money focused SMS messaging scams have been detected targeting the Android platform with infected web links and Trojan apps in the past.
Baumgartner told V3 the targeted use of Android malware marks an evolution in hackers' attack strategy.
"It's very interesting that mobile technology itself is being misused to launch targeted attacks and infiltrate specific individuals and organisations," Baumgartner told V3.
"While misusing Android code is not new in its own right, the complexity around co-ordinating coding and delivery of Android technology into targeted attacks on specific groups, and incorporating timely content into a toolset is not something any other groups have done.
"It has been prototyped at a very basic level, but here we see a full implementation and delivery."
Baumgartner also warned it is only a matter of time before Western cyber criminals and hacktivists adopt the new attack method.
"We have seen malicious code installed on workstations to collect contact lists and other data from mobile devices as a part of targeted attacks, like in the multi-year Red October operation," Baumgartner told V3.
"But to spread code to mobile devices with any amount of precision in these attacks ups the game and we expect these practices to be adopted in other operations."
The news follows widespread warnings within the security industry that the number of attacks targeting Android are increasing.
Most recently security firm Lookout reported detecting an evolved version of the NotCompatible malware targeting the Android ecosystem with spam email messages.