Recently, researchers at Lab52 discovered an application on Google Play infected with unknown Android malware, formerly affiliated with the Turla (Russia) hacker group.
According to Bleeping Computer, Turla is a Russian state-supported hacker group, believed to be involved in meddling in the 2016 US presidential campaign. Besides, this group is also famous for its use. custom malware to target European and American systems, mainly for espionage.
Researchers at Lab52 discovered Process Manager malware lurking inside some apps on Google Play, masquerading as Roz Dhan: Earn Wallet cash. Once installed, they will start asking for permission to access 18 different items, including messages, location, recordings, and more.
Malware lurks inside the Roz Dhan app. Photo: Lab52
To avoid detection, malware automatically deletes desktop icons and silently runs in the background.
Malware running in the background on the phone. Photo: Lab52
If you are installing this application, please remove it immediately by going to Settings – Apps – Manage apps, find the malicious application name and click Uninstall. Setting).
Besides, users should also enable the Play Protect feature on Google Play to limit the mistaken installation of malicious software.
at Blogtuan.info – Source: 24h.com.vn – Read the original article here