by Daniel Lunghi and Jaromir Horejsi

Back in February, we noted the similarities between the Patchwork and Confucius groups and found that, in addition to the similarities in their malware code, both groups primarily went after targets in South Asia. In the months that followed, as we tracked Confucius’ activities, we found that they were still aiming for Pakistani targets.
During their previous campaign, we found Confucius using fake romance websites to entice victims into installing malicious Android applications. This time, the threat actor seems to have a new modus operandi, setting up two new websites and new payloads with which to compromise its targets.
Fake Android porn app and Windows chat applications as lures
The first website uses adult content as a lure, via an Android application called Fuddi Duniya, which links to a website that displays nude pictures every day. The app’s APK is linked directly from the homepage, with a disclaimer stating that Google Play does not allow pornography in their store…
Continue reading at: Confucius Update: New Tools and Techniques, Further Connections with Patchwork
Source: TrendLabs Malware Blog