INDIA: SonicWall Capture Labs Threats Research team recently observed malware writers misusing the recent Coronavirus scare to propagate their malicious creations. An Android app that goes by the name Coronavirus has been spotted that requests the victim to re-enter the pin/pattern on the device and steals information, while repeatedly requesting for Accessibility Service capabilities.
With additional capabilities based on traces present in the code, the attacker can control the device remotely making this malware a RAT (Remote Access Trojan). This malware persistently tries to invade/ embed itself in the device through multiple means. Android’s battery optimization feature puts an app in a suspended state to conserve battery, but since this malware is a RAT it works best when it is constantly listening for incoming commands from the attacker. Upon installation, this malware asks the user to ignore battery optimization for this app thereby preventing this app from going in a low power/sleep state. Later, when the SonicWall team tried revoking this permission from the app, it pulled a basic trick where it presses the back button just before the permission could be revoked. The same trick is used, once the user tries to un-installing the app.
In his observations, Debasish Mukherjee as VP, Regional Sales – APAC, SonicWall said, “This is a classic case of the attackers being opportunists. They ride on the fear of the larger public and develop codes to steal sensitive information and control mobile devices remotely. It is advised that people use discretion before falling prey to such attacks.”
Your email address will not be published. Required fields are marked *
Save my name, email, and website in this browser for the next time I comment.
Sign me up for the newsletter!
Notify me of follow-up comments by email.
Notify me of new posts by email.
UK Government announces £10 million for small businesses to kickstart tourism
Aditya Birla Sun Life Insurance launches Child’s Future Assured Plan
Andy Edwards appointed Springboks new Head of Athletic Performance
Sonalika records 55% growth in domestic volume in June’20. Outpaces industry growth at 23%
Liberty General Insurance Introduces ‘Liberty Assure’ –
2014 The Global Indian New Network (TGINN)