by Daniel Lunghi and Jaromir Horejsi – Back in February, we noted the similarities between the Patchwork and Confucius groups and found that, in addition to the similarities in their malware code, both groups primarily went after targets in South Asia. In the months that followed, as we tracked Confucius’ activities, we found that they were still aiming for Pakistani targets.

During their previous campaign, we found Confucius using fake romance websites to entice victims into installing malicious Android applications. This time, the threat actor seems to have a new modus operandi, setting up two new websites and new payloads with which to compromise its targets.

Fake Android porn app and Windows chat applications as lures
The first website uses adult content as a lure, via an Android application called Fuddi Duniya, which links to a website that displays nude pictures every day. The app’s APK is linked directly from the homepage, with a disclaimer stating that Google Play does not allow pornography in their store…

Read more at: Confucius Update: New Tools and Techniques, Further Connections with Patchwork
Source: TrendLabs Malware Blog
