Groups like Turla, operating under the umbrella of an organization, specialize in Advanced Persistent Threats (APTs): they plant malware over the Internet, which then silently sends information back to its creators over a long period of time.
The process manager application sent information to an IP address related to Turla's activities, although it cannot be proven with certainty that the application belongs to this group or that the information obtained was subsequently used for nefarious purposes. However, in some cases the application, when installed, receives the following permissions:
Access coarse location
Access fine location
Access network state
Access WiFi state
Modify audio settings
Read call log
Read external storage
Write external storage
Read phone state
Read SMS
Receive boot completed
Record audio
Send SMS
Wake lock
The above permissions, when abused, are all serious threats to user privacy, especially when they serve malicious purposes such as location tracking, voice recording and use of the camera.
On the other hand, this process management application is quite discreet: it is marked with a gear icon, as if it were a settings or system application, and the icon disappears once the aforementioned permissions have been automatically granted.
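The following Python example, added here and not taken from the article or from Lab52, checks a decoded AndroidManifest.xml for the permissions listed above. The grouping of permissions, the review rule and the two sample manifests are assumptions constructed for the example.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
PREFIX = "android.permission."

# The 14 permissions listed in the article; the grouping is an assumption of this example.
LISTED = {
    "location": {"ACCESS_COARSE_LOCATION", "ACCESS_FINE_LOCATION"},
    "audio": {"RECORD_AUDIO", "MODIFY_AUDIO_SETTINGS"},
    "messages_calls": {"READ_SMS", "SEND_SMS", "READ_CALL_LOG", "READ_PHONE_STATE"},
    "storage": {"READ_EXTERNAL_STORAGE", "WRITE_EXTERNAL_STORAGE"},
    "persistence": {"RECEIVE_BOOT_COMPLETED", "WAKE_LOCK"},
    "network": {"ACCESS_NETWORK_STATE", "ACCESS_WIFI_STATE"},
}

def requested_permissions(manifest_xml):
    """Return the android.permission.* names requested in a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    perms = set()
    for node in root.iter("uses-permission"):
        name = node.get(ANDROID_NS + "name", "")
        if name.startswith(PREFIX):
            perms.add(name[len(PREFIX):])
    return perms

def triage(manifest_xml):
    """Report which listed permissions an app requests and whether to review it."""
    perms = requested_permissions(manifest_xml)
    hits = {g: sorted(perms & names) for g, names in LISTED.items() if perms & names}
    matched = sum(len(v) for v in hits.values())
    # Assumed rule: start-at-boot persistence plus two or more sensitive data groups.
    sensitive = {"location", "audio", "messages_calls"} & hits.keys()
    review = "persistence" in hits and len(sensitive) >= 2
    return {"groups": hits, "matched": matched, "review": review}

def build_manifest(package, perms):
    """Constructed sample input: a minimal decoded AndroidManifest.xml."""
    uses = "".join(f'<uses-permission android:name="{PREFIX}{p}"/>' for p in perms)
    return (f'<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
            f'package="{package}">{uses}<application/></manifest>')

ALL_LISTED = sorted(set().union(*LISTED.values()))
SUSPECT = build_manifest("com.example.constructed.manager", ALL_LISTED)
BENIGN = build_manifest("com.example.constructed.torch", ["WAKE_LOCK", "ACCESS_NETWORK_STATE"])

if __name__ == "__main__":
    for label, xml in (("suspect", SUSPECT), ("benign", BENIGN)):
        print(label, triage(xml))
```

A match is a reason to look at the app more closely, not proof of malice, since many legitimate apps request several of these permissions.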
The app will then launch a persistent notification in the status bar. This could be a sign that the user’s phone is being tracked.
Although a link to the hacker group is possible, Lab52 researchers still think that the process management application is a weak threat, because the notification about the running application is clearly displayed and because the application is part of a monetization infrastructure hidden in popular affiliate networks, like the one with the Roz Dhan app.
It's not a typical anonymous intrusion. If you have some affiliate programs installed, you can still find the process manager app and revoke its permissions or, better yet, uninstall both of them if you are concerned about the security of your phone.
Source: Soha.vn