All the latest UK technology news, reviews and analysis


Mobile malware caught copying Red October's tricks in latest Android threat

26 Mar 2013
Google Android logo

Kaspersky Lab has detected a new mobile malware variant being used against Tibetan activists, warning it is only a matter of time before European crooks adopt the evolved attack method.

The Russian security firm reported uncovering the atypical attack method in a blog post on Tuesday.

"Several days ago, the email account of a high-profile Tibetan activist was hacked and used to send targeted attacks to other activists and human rights advocates," wrote Kaspersky Lab researcher Kurt Baumgartner.

"Perhaps the most interesting part is that the attack emails had an APK attachment - a malicious program for Android."

The malware is reportedly spread using a spear phishing campaign that attempts to dupe its victims into downloading an infected Android app. Once on the device the app collected and sent out information stored on the phone.

Similar, less sophisticated, money focused SMS messaging scams have been detected targeting the Android platform with infected web links and Trojan apps in the past.

Baumgartner told V3 the targeted use of Android malware marks an evolution in hackers' attack strategy.

"It's very interesting that mobile technology itself is being misused to launch targeted attacks and infiltrate specific individuals and organisations," Baumgartner told V3.

"While misusing Android code is not new in its own right, the complexity around co-ordinating coding and delivery of Android technology into targeted attacks on specific groups, and incorporating timely content into a toolset is not something any other groups have done.

"It has been prototyped at a very basic level, but here we see a full implementation and delivery."

Baumgartner also warned it is only a matter of time before Western cyber criminals and hacktivists adopt the new attack method.

"We have seen malicious code installed on workstations to collect contact lists and other data from mobile devices as a part of targeted attacks, like in the multi-year Red October operation," Baumgartner told V3.

"But to spread code to mobile devices with any amount of precision in these attacks ups the game and we expect these practices to be adopted in other operations."

The news follows widespread warnings within the security industry that the number of attacks targeting Android are increasing.

Most recently security firm Lookout reported detecting an evolved version of the NotCompatible malware targeting the Android ecosystem with spam email messages.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson
About

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus
Poll

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?
22%
13%
4%
22%
28%
11%

Popular Threads

Powered by Disqus
Sony Xperia Z2 Tablet powered by Android KitKat 4.4

Sony Xperia Z2 Tablet video

We take a look at the lightweight, waterproof tablet

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv33

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery

rdc2

iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Software Development Engineer

Develop: Customise: Configure. Maximise your technical...

Application Specialist

Application Specialist Salary £31,500 per annum...

Junior IT Desktop Support Analyst

This is a fantastic opportunity to work for a dynamic...

Test Analysts

Test Analysts At Novacroft, we work in partnership...
To send to more than one email address, simply separate each address with a comma.