Cyber experts at McAfee have detected return of a hacker group that had populated a few malware-laden apps on Google Play platform which can steal information from the mobile devices. “We found three apps uploaded by the actor we named Sun Team, based on email accounts and Android devices used in the previous attack. While one is a food ingredient app, the other two are app-lock apps,” a McAfee expert said.
These apps, when downloaded, secretly steal device information and receive commands and additional executable (.dex) files from a cloud control server. Once downloaded, these malwares would spread to friends, asking them to install the apps and offer feedback via a Facebook account with a fake profile that heavily promote the hacker source.
“This malware campaign used Facebook to distribute links to malicious apps that were labelled as unreleased versions. From our analysis, we conclude that the actor behind both campaigns is Sun Team,” the Inernet security solutions company said.
How to be safe
“Be cautious when installing unreleased or beta versions of any app. Also, check the number of downloads to see if an app is widely installed. Make it a point to avoid obscure apps,” it said. “Always keep your mobile security application updated to the latest version. The most worrying thing about this Sun Team operation is that they use photos uploaded on social network services and identities of South Koreans to create fake accounts,” it said.
“We have found evidence that some people have had their identities stolen; more could follow. They are using texting and calling services to generate virtual phone numbers so they can sign up for South Korean online services,” it added.
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.