A New Android Trojan Designed To Steal Your IMs

Security researchers have found a new strain of malware that will steal your instant messenger data.

Cybersecurity firm Trustlook has issued its findings on a new Android trojan. The new malware is fairly limited in what it does, yet it uses some fairly advanced evasion techniques.

The malware first attempts to gain boot persistence so that it executes each time the device boots. Once persistence is obtained, the malware specifically targets IM clients, extracts their data, and uploads it to a remote server.

The malware is being spread through a Chinese application whose name translates to Cloud Module. Because this is Chinese malware being distributed in China, where the Google Play Store does not operate, it is believed to be spreading only through third-party app stores.

The IM clients that the malware targets are as follows:

Facebook Messenger
Skype
Telegram
Twitter
WeChat
Weibo
Viber
Line
Coco
BeeTalk
Momo
Voxer Walkie Talkie Messenger
Gruveo Magic Call
TalkBox Voice Messenger

This malware provides a perfect example of the weak point in end-to-end (E2E) encryption. E2E encryption protects messages in transit, but it is much easier for hackers to simply attack unsecured phones and grab the data from there.

Source: Bleeping Computer

Brad

Founder & Owner of UTB Blogs. Former BlackBerry Elite. When I'm not talking or writing about BlackBerry, you'll find me using my BlackBerry.
