Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Android malware makes first targeted attack

Kaspersky Lab UK : 27 March, 2013  (Technical Article)
Software designed to steal messages and contacts from Android smartphones in use by Chines activists
Android malware makes first targeted attack

Kaspersky Lab has detected a new targeted attack against Uyghur activists which, for the first time, is based on a malicious program for Android-based mobile devices. The attack is designed and performed in a similar manner as numerous other attacks on Uyghur and Tibetan activists, but instead of relying on exploit-rigged DOC, XLS or PDF documents for Windows-based computers or Macs, it targets mobile devices.

The Android malware used in the new attack steals private data from infected smartphones, including the address book and messaging history, and sends it to a command and control server. This attack is believed to be the first of this kind utilising fully functional Android malware and specifically targeting mobile devices of potential victims.

The attack took place at the end of March 2013 and started with the hacking of an email account belonging to a high-profile Tibetan activist. The attackers used this account to send ‘spear-phishing’ emails to his contact list. The malicious messages targeted Mongolian, Chinese, Tibetan and Uyghur political activists, and had attached an .APK file containing a malicious program for Android devices. Investigation of this malware performed by Kaspersky Lab’s experts revealed that it was most likely designed by Chinese-speaking authors, judging by comments in the code and certain characteristics of the command and control server.

Costin Raiu, Director, Global Research & Analysis Team, Kaspersky lab comments; “Until now we have not seen targeted attacks against mobile devices in the wild, although there were signs that attackers were interested and experimenting in this field. This particular attack utilises a fully featured Trojan aimed at stealing private data from a targeted group of victims. The attackers have so far used social engineering to trick the victims into installing the app. However, we believe that in the future such attacks will exploit vulnerabilities in mobile software, or a combination of techniques.”

Kaspersky Lab’s protection solutions for Android-based mobile devices – Kaspersky Mobile Security and Kaspersky Tablet Security – detect and block the malware used in this targeted attack as Backdoor.AndroidOS.Chuli.a. The malware is also blocked by the new corporate solution, Kaspersky Security for Mobile, available as part of company’s broad business security offering.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo