Malware Alert! Hackers Attacking Indian Android users

/in


A new malware campaign has been identified targeting Android users in India.

This sophisticated attack distributes malicious APK packages to compromise personal and financial information. The malware, available as a Malware-as-a-Service (MaaS) offering, underscores the evolving threat landscape in the digital age.

Symantec, a global leader in cybersecurity, has stepped up to protect users from this emerging threat.

The Rise of Malicious APKs

The campaign has been meticulously designed to spread malware through APK packages disguised as legitimate applications.

Document

Free Webinar : Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

:

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

AcuRisQ, that helps you to quantify risk accurately:

These applications, which appear to offer services such as customer support, online bookings, billing, or courier services, are vehicles for a range of malicious activities.

Once installed, the malware targets the theft of banking information, SMS messages, and other confidential data from victims’ devices.

This strategy of disguising malicious software as harmless applications is not new but remains highly influential.

The attackers exploit the trust users place in app downloads, particularly those offering valuable services.

Broadcom has recently released a report on a Malware-as-a-Service (MaaS) campaign specifically targeting Android users in India.

The attack represents a threat to the security of Android devices in the region and can potentially cause significant damage to individuals and organizations.

Symantec has identified the malware through its robust security systems, classifying it under two main categories:

Mobile-based Threats:

  • Android.Reputation.2
  • AppRisk: Generisk

Web-based Threats:

The campaign’s infrastructure, including observed domains and IPs, falls under security categories protected by…

Source…