New trojan targets Android devices, camouflaging fake applications as genuine

By: |
Published: August 9, 2019 4:03:09 AM

The trojan can self-sign trusted certificates to interpret encrypted SSL (Secure Sockets Layer) traffic and can also use a phone’s lockscreen activity to obtain passwords to steal personal information and gain access to third party apps.

trojan, Android devices, fake applications, genuine apps, new virus, technology newsSecurity researchers also revealed that cyber criminals are developing this virus to attack on iOS (Apple) devices. (Reuters)

Cyber security experts have discovered a new virus, which acts as a mobile remote access trojan for Android devices and leverages a range of intrusive capabilities to launch cyber attacks. This trojan attacks target devices using fake apps that are camouflaged as genuine ones. Security researchers also revealed that cyber criminals are developing this virus to attack on iOS (Apple) devices.

The trojan attack has also been flagged by the Indian Computer Emergency Response Team (Cert-In). “The trojan is distributed to targets via fake apps camouflaged as genuine apps such as Google Play, Skype, UC Browser, etc,” Cert-In said in a security report.

“So far Monokle is directed against Android devices. The researchers found several references to a planned iOS version, including unused commands and data transfer objects in its source code. Typically victims are infected when they download the trojanised versions of what appears to be legitimate Android applications,” it added.

The trojan can self-sign trusted certificates to interpret encrypted SSL (Secure Sockets Layer) traffic and can also use a phone’s lockscreen activity to obtain passwords to steal personal information and gain access to third party apps.

Cyber security firm, Lookout, which discovered the trojan, said that Monokle is an advanced mobile surveillanceware, which can compromise user’s privacy by stealing personal data stored on an infected device and then exfiltrating this information to command and control infrastructure.

“Lookout has discovered a highly targeted mobile malware threat that uses a new and sophisticated set of custom Android surveillanceware tools called Monokle that has possible connections to Russian threat actors,” the company said in a security breach report.

While most of its functionality is typical of a mobile surveillanceware, Monokle is unique in that it uses existing methods in novel ways to be extremely effective at data exfiltration, even without root access.

Monokle appears in a very limited set of applications, which implies attacks using Monokle are highly targeted. Many of these applications are trojanised and include legitimate functionality, so user suspicion is not aroused.

“There is evidence that an iOS version of Monokle is in development. Lookout has no evidence of active iOS infections,” the San Francisco-based company revealed.

A senior government official said the virus will pose security threats for India device users. “India’s cyber security requirements have grown exponentially in last few years on back of rising internet penetration and growing demand for data and smartphones. It accounts for one of the largest android app downloads globally at more than 6 billion. Besides, it has over 200 million IoT devices, which will swell to 2.7 billion by 2020. This makes India a preferred playground for cyber criminals,” one of the officials explained.

According to CERT-In data, a total of 53,117 cyber security incidents including phishing, network scanning and probing, virus or malicious code and website hacking were reported in 2017. This further swelled to 2,08,456 and 1,05,849 incidents in 2018 and 2019 (till May), respectively.

Get live Stock Prices from BSE and NSE and latest NAV, portfolio of Mutual Funds, calculate your tax by Income Tax Calculator, know market’s Top Gainers, Top Losers & Best Equity Funds. Like us on Facebook and follow us on Twitter.

Next Stories
1Vivo Independence Day deals on Flipkart, Amazon: Big discounts on Z1 Pro, V11 Pro, and more
2Samsung’s MacBook Air rival, Galaxy Book S, is sleek, gorgeous, and cheaper
3OnePlus 7 Pro and OnePlus 7 in the Amazon Freedom Sale: the perfect Phone Investment