CYFIRMA Research- Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia

Update: 2024-12-10

Description

Our team at CYFIRMA analyzed a malicious Android sample used in a targeted attack leveraging the Spynote Remote Administration Tool (RAT). We believe that the threat actor behind the targeted attack could be an APT. Delivered via WhatsApp with payloads disguised as apps like "Best Friend" and "Friend," the attack aimed to compromise high-value assets. All payloads were linked to the same command-and-control server and featured obfuscation techniques. While specific target details remain confidential, this case underscores the evolving tactics of threat actors.

Link to the Research Report: Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia - CYFIRMA

#CyberSecurity #MobileThreats #MalwareAnalysis #APT #spynote #androidmalware #craxrat #spymax #mobilesecurity

https://www.cyfirma.com/

Comments

Top Podcasts

The Best New Comedy Podcast Right Now – June 2024 The Best News Podcast Right Now – June 2024 The Best New Business Podcast Right Now – June 2024 The Best New Sports Podcast Right Now – June 2024 The Best New True Crime Podcast Right Now – June 2024 The Best New Joe Rogan Experience Podcast Right Now – June 20 The Best New Dan Bongino Show Podcast Right Now – June 20 The Best New Mark Levin Podcast – June 2024

In Channel

CYFIRMA Research- Living off the Land: The Mechanics of Remote Template Injection Attack

2025-01-1005:23

CYFIRMA Research- NonEuclid Remote Access Trojan (RAT)

2025-01-0605:01

CYFIRMA Research- Inside FireScam: An Information Stealer with Spyware Capabilities

2025-01-0204:14

CYFIRMA Research- CVE-2024-10914: A Critical Vulnerability in D-Link NAS Devices

2024-12-3103:21

CYFIRMA Research- How Festive Events Have Become Prime Targets for Digital Exploitation and Fraud

2024-12-3006:33

CYFIRMA Research- Bizfum Stealer

2024-12-1607:16

CYFIRMA Research- Russia as a Threat Actor in the UK

2024-12-1306:45

CYFIRMA Research: Tracking Ransomware- November 2024

2024-12-1204:38

CYFIRMA Research- Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia

2024-12-1002:18

CYFIRMA Research- TRUMP 2.0: WHAT’S IN STORE?

2024-12-0604:37

CYFIRMA Research: Exploration of Parano – Multiple Hacking Tools’ Capabilities

2024-12-0506:45

CYFIRMA Research- Decoding Cyberattacks on Morocco

2024-11-3005:16

CYFIRMA Research- Investigation into Helldown Ransomware

2024-11-2804:55

CYFIRMA Research: Hexon Stealer

2024-11-2705:57

CYFIRMA Research: CVE-2024-9264: A Critical Vulnerability in Grafana- Vulnerability Analysis and Exploitation

2024-11-2503:38

CYFIRMA Research- ELPACO-team Ransomware: A New Variant of the MIMIC Ransomware Family

2024-11-2204:50

CYFIRMA Research- Black Basta Ransomware Group

2024-11-1504:16

CYFIRMA Research- TRACKING RANSOMWARE : OCTOBER 2024

2024-11-1405:27

CYFIRMA Research- Wish Stealer

2024-11-1307:13

CYFIRMA Research: SpyNote: Unmasking a Sophisticated Android Malware

2024-11-1204:42

00:00

1.0x

CYFIRMA Research- Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia

#box-pro-ellipsis-173650122363477{-webkit-line-clamp:2;}CYFIRMA Research- Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia

CYFIRMA Research- Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia

CYFIRMA

CYFIRMA Research- Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia