The team at CYFIRMA recently obtained suspicious Android apps hosted on the Google Play Store under the account “SecurITY Industry”. Further technical analysis revealed that the apps have malware characteristics and belong to the notorious Advanced Persistent Threat group “DoNot”.
A total of three Android apps were hosted under the names Device Basic Plus, nSure Chat, and iKHfaa VPN. Two of them, nSure Chat and iKHfaa VPN, have malicious characteristics. The report provides a deep technical analysis, including the modus operandi and the “DoNot” group’s shift from previously targeting individuals in Kashmir to expanding its target range in order to gather information with the initial payload, paving the way for a more devastating second-stage attack using advanced Android malware.
Link to Research Report: DoNot APT Elevates its Tactics by Deploying Malicious Android Apps on Google Play Store - CYFIRMA
https://www.cyfirma.com/