Date:29/06/16
The app, called Beaver Gang Counter [cached], purports to keep score for a popular card game, but surreptitiously searches several standard directories which Viber uses to store images and video. These include “/viber/media/Viber Images” and “/viber/media/.converted videos” (screenshot below of the code found by Symantec within the app).
The researchers note that the malicious app employs the growing trend of time-delayed attacks; Beaver Gang Counter queries its C&C server to ask if it should collect files from the designated folder for sending on. This effectively takes the app in and out of ‘possum mode’, helping it to hide from security analysis procedures, and – Symantec speculates – even from Google Play’s own app-vetting services.
Symantec has identified this particular threat as Android.Vibleaker. Its short career path began on 22nd June, and it has now been removed from the Google Play store.
For a card-counting app, it has a typical raft of unusual permissions requests, including reading from external storage, accessing information about networks and the current state of Wi-Fi connection, and to read and write to system settings (presumptive requests which the Chinese would take a dim view of).
One aspect that the report does not address is the curious and marginal nature of the host app – and the possibility that malware releases of this nature might be aimed at a single and particular individual, rather than anticipating viral take-up and subsequent data abuse.
Viber has avoided the raft of high-profile hacks which have beset so many popular messaging and communications apps over the last two years (despite suffering a website defacement allegedly by the Syrian Electronic Army), and to consolidate this introduced full encryption into the app in April of this year.
Google Play card-game app steals Viber images and video
Researchers from Symantec have identified a game-related app on Google Play that is in fact malware capable of searching a user’s smartphone for media related to the Viber messaging and video app – and sending it to a remote server.The app, called Beaver Gang Counter [cached], purports to keep score for a popular card game, but surreptitiously searches several standard directories which Viber uses to store images and video. These include “/viber/media/Viber Images” and “/viber/media/.converted videos” (screenshot below of the code found by Symantec within the app).
The researchers note that the malicious app employs the growing trend of time-delayed attacks; Beaver Gang Counter queries its C&C server to ask if it should collect files from the designated folder for sending on. This effectively takes the app in and out of ‘possum mode’, helping it to hide from security analysis procedures, and – Symantec speculates – even from Google Play’s own app-vetting services.
Symantec has identified this particular threat as Android.Vibleaker. Its short career path began on 22nd June, and it has now been removed from the Google Play store.
For a card-counting app, it has a typical raft of unusual permissions requests, including reading from external storage, accessing information about networks and the current state of Wi-Fi connection, and to read and write to system settings (presumptive requests which the Chinese would take a dim view of).
One aspect that the report does not address is the curious and marginal nature of the host app – and the possibility that malware releases of this nature might be aimed at a single and particular individual, rather than anticipating viral take-up and subsequent data abuse.
Viber has avoided the raft of high-profile hacks which have beset so many popular messaging and communications apps over the last two years (despite suffering a website defacement allegedly by the Syrian Electronic Army), and to consolidate this introduced full encryption into the app in April of this year.
Views: 427
©ictnews.az. All rights reserved.Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World