The malware used HTTP to communicate with the C2 server, both for command handling and for data exfiltration from infected devices. The attackers were found to use a Smali code injection technique to push the payloads. Kaspersky’s researchers came across four ViceLeaker malware samples in the campaign.

On top of having spyware features such as exfiltrating call logs, SMS messages, etc., the samples also had backdoor capabilities. It is speculated that this ongoing campaign is targeted at Android users in the Middle East, since the samples were found on Android devices belonging to Israeli citizens. According to the researchers, the payload is a spyware program created to extract all accessible information from infected devices.

In this campaign, dubbed “ViceLeaker”, attackers deploy a malicious payload in APK files pushed through messenger applications. Some of the spyware features included exfiltrating call logs, SMS messages, and browser history, amongst others, from the affected devices.

A new malware campaign has been unearthed by security researchers at Kaspersky.