
Android spyware is targeting Russian soldiers in Ukraine

A new Android spyware has apparently been targeting members of the Russian military. So far, hardly anything is known about the origin of the malicious code, but it is likely that Ukraine has a hand in it.

Hidden in a map application

The malware, named Android.Spy.1292.Origin, is hidden in a manipulated version of the popular mapping application Alpine Quest, which is used in particular by hunters, outdoor athletes and Russian soldiers in Ukraine. The trojanized app is distributed via a dedicated Telegram channel and through unofficial Android app stores.

The application is offered as a free version of the otherwise paid Pro variant of Alpine Quest, an incentive for many users to install it despite its dubious origin. Since the app can hardly be distinguished from the original, the malware often goes undetected, explained the Russian security company Dr.Web, which discovered the malware.

When the infected application is started, the malware transmits a variety of sensitive data to a command-and-control server, including the user’s telephone number, contacts from the address book, current location data, stored files and the app version. The attackers are particularly interested in confidential documents sent via Telegram or WhatsApp, as well as the location log (“Loclog”) that Alpine Quest creates.

Modular design

Thanks to its modular design, the malware can be extended after the fact, for example with new functions for data theft or espionage. Meanwhile, Google announced that Android users with the “Play Protect” protection mechanism enabled should be protected against known versions of the malware. Nevertheless, the risk remains high for users who install apps from untrusted sources.

In parallel with the discovery of Android.Spy.1292.Origin, the Moscow-based IT security company Kaspersky reported another threat: a previously unknown malware targeting Russian government, financial and industrial organisations. The attacks are carried out via manipulated update packages for the ViPNet security network, further evidence of the increasing complexity of digital warfare.