Android Trojan Found in Targeted Attack

In the past, we’ve seen targeted attacks against Tibetan and Uyghur activists on Windows and Mac OS X platforms. We’ve documented several interesting attacks which used ZIP files as well as DOC, XLS and PDF documents rigged with exploits. Several days ago, the e-mail account of a high-profile Tibetan activist was hacked and used to send targeted attacks to other activists and human rights advocates. Perhaps the most interesting part is that the attack e-mails had an APK attachment – a malicious program for Android. Read Full Article

Find and Call: Leak and Spam

Yesterday we were contacted by our partner MegaFon, one of the major mobile carriers in Russia. They notified us about a suspicious application, which was found in both the Apple App Store and Google Play. At first glance, this seemed to be an SMS worm spread via sending short messages to all contacts stored in the phone book with the URL to itself. However, our analysis of the iOS and Android versions of the same application showed that it’s not an SMS worm but a Trojan-Spy that uploads a user’s phonebook to remote server. The “replication” part is done by the server – SMS spam messages with the URL to the application are being sent from the remote server to all the contacts in the user’s address book. Read Full Article