Thursday, April 18, 2024

Hackers Tampered the Popular Android App With 50 Million Downloads to Deliver Malware

By Guru baran

Threat actors tainted the popular Android app within Google play with more than 50 million installs to deliver the Triout Android malware.

The popular app package “com.psiphon3” that known for providing uncensored access to Internet content was abused by attackers and they repack it with spyware framework.

Security researchers from Bitdefender found the new tainted version of the app that disseminates the malware.

“The original legitimate application is advertised as a privacy tool that enables access to the open internet when bundled with the Triout spyware framework it serves the exact opposite purpose.”

The tainted app was not distributed through Google Play, but it was through third-party app stores and the attackers bundled it with adware components(Google Ads, InMobi Ads, Mopub Ads) to generate revenue.

Triout Android malware hides its existence in the device and capable of collecting phone calls, log incoming text messages, record videos, take pictures, even collect GPS coordinates and send them to Command & Control server managed by the attackers.

According to researchers, both the tampered and legitimate app has the same user interface and the attackers only embedded the Triout spyware component. The current version of the legitimate app is v241 and the attackers tainted v91 of the application.

Triout Android malware

The new C&C server where the Triot dumping the information is still operational and it points to a French website that deals with magicdeal[.]fr.

“While the Triout Android spyware framework itself does not seem to have undergone changes in terms of code or capabilities, the fact that new samples are emerging and that threat actors are using extremely popular apps to bundled the malware,” researchers concluded.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

2 Android Apps From Google Play Store Launching Banking Malware With Sophisticated Evasion Techniques

9 Fake Apps Found On Google Play With More than 8 Million Installs

Managed WAF Protection

Website

Latest articles

cyber security

What is Encryption in Malware? – Understand From Basics to XOR

Malware commonly encrypts its traffic (stolen data sent to a command-and-control server) and internal...
Cyber Crime

Phishing-as-a-Service Platform LabHost Seized by Authorities

Authorities have dismantled LabHost, a notorious cybercrime platform that facilitated widespread phishing attacks across...
cyber security

Armis Acquires AI-based Vulnerability Detection Firm Silk Security

Armis, a leading cybersecurity company, has acquired Silk Security, an AI-powered vulnerability detection firm.The...
Cyber Attack

Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall Vulnerability (CVE-2024-3400)

In the wake of the recent disclosure of a critical vulnerability (CVE-2024-3400) affecting a...
cyber security

Cerber Linux Ransomware Exploits Atlassian Servers to Take Full Control

Security researchers at Cado Security Labs have uncovered a new variant of the Cerber...
CVE/vulnerability

FGVulDet – New Vulnerability Detector to Analyze Source Code

Detecting source code vulnerabilities aims to protect software systems from attacks by identifying inherent...
Cyber Crime

North Korean Hackers Abuse DMARC To Legitimize Their Emails

DMARC is targeted by hackers as this serves to act as a preventative measure...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

WAAP/WAF ROI Analysis

Mastering WAAP/WAF ROI Analysis

As the importance of compliance and safeguarding critical websites and APIs grows, Web Application and API Protection (WAAP) solutions play an integral role.
Key takeaways include:

  • Pricing models
  • Cost Estimation
  • ROI Calculation

    • Book Your Spot

Related Articles

Connect with GBHackers On Security

Join 70,000 Security Professionals

Stay safe online with free daily cybersecurity updates. Sign up now!

GBHackers on security is a highly informative and reliable Cyber Security News platform that provides the latest and most relevant updates on Cyber Security News, Hacking News, Technology advancements, and Kali Linux tutorials on a daily basis. The platform is dedicated to keeping the community well-informed and up-to-date with the constantly evolving Cyber World.

Menu

Contact US:

Email : [email protected]