Saturday, September 14, 2024

Donot APT delivers Android malware via messaging apps

The Donot APT (Advanced Persistent Threat) group has been active since at least 2019 and has been known to target government agencies in the Middle East. Recently, researchers at Lookout discovered that the group has developed new malware that targets Android devices through messaging apps.

The malware, named “Mandrake,” is designed to steal sensitive information from victims, including messages, call logs, contacts, and more. The malware is spread through WhatsApp and Telegram, two popular messaging apps used by millions of people worldwide.

According to Lookout’s researchers, Mandrake works by posing as an innocuous file that is shared through a messaging app. When a victim clicks on the file, Mandrake silently installs itself on the victim’s device, without the victim’s knowledge. The malware then begins to collect data from the victim’s device and sends it back to the attacker’s command-and-control (C&C) server.

What makes Mandrake particularly dangerous is its ability to evade detection by most antivirus programs. The malware is designed to remain dormant until it detects that it is being analyzed by an antivirus program. Once it detects this, it will delete itself from the victim’s device, leaving no trace behind.

The Donot APT group has been known to use sophisticated techniques to evade detection and infiltrate their targets. Mandrake is just the latest example of their capabilities. The group has also been known to use social engineering tactics, such as posing as job recruiters or creating fake social media profiles, to gain access to their targets.

To protect yourself from Mandrake and similar malware, take some basic security measures. First, be cautious when clicking on links or downloading files from unknown sources, especially through messaging apps. Second, keep your antivirus software up to date and perform regular scans of your device. Third, avoid sharing sensitive information, such as passwords or financial information, through messaging apps or other unsecured channels.

In conclusion, the Donot APT group’s development of Mandrake is a reminder that even seemingly harmless messaging apps can be used to spread dangerous malware. It is important to remain vigilant and take necessary precautions to protect your device and sensitive information from cyber threats.

Bipin Choudhary (https://vednam.com)
Bipin has been a passionate blogger for several years. He is a cyber security enthusiast, security blogger, and technical writer. He is always eager to learn about the latest technology developments and advancements. Author @ Vednam
