Android Trojan Used in APT Attacks

wiredmikey (1824622) writes | about a year and a half ago

wiredmikey (1824622) writes "Targeted attacks against Tibetan and Uyghur activists are nothing new, but attackers appear to be expanding their arsenal of attack tools to the Android platform. While attacks against the activists in the past have targeted both Windows and Mac OS X-based platforms, researchers from Kaspersky Lab have discovered an APT that successfully leverages Android to compromise targets.

According to Kaspersky researchers, a high profile Tibetan activist had his email account hacked on March 24th, 2013. Attackers used the hacked account to send spear phishing emails to the victim’s contact list that included a malicious Android Package (APK) attachment named “WUC’s Conference.apk”, which, if installed, creates a malicious app called ‘Conference’ on the Android desktop.

If the victim launches the malicious app, the malware silently contacts a C&C server and starts to harvest data including contacts, call logs, SMS messages, geolocation and other phone data such as phone number, OS version, phone model, and SDK version.

While there have been previous indications that these types of attacks were in development, this attack is perhaps the first in a new wave of targeted attacks aimed at Android users, Kaspersky noted in a blog post. “So far, the attackers relied entirely on social engineering to infect the targets. History has shown us that, in time, these attacks will use zero-day vulnerabilities, exploits or a combination of techniques.”"
