1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Android SandroRAT Poses as Kaspersky Mobile Security

Discussion in 'Security Updates' started by snoopy, Aug 4, 2014.

  1. snoopy

    snoopy Registered Members

    Joined:
    Aug 1, 2010
    Messages:
    1,671
    Location:
    At my computer
    Operating System:
    Windows 7
    Computer Brand or Motherboard:
    custom built -
    A phishing campaign currently targeting Android users in Poland delivers emails that purport to be from a bank alerting them that their mobile device is infected and offering a fake mobile security solution for eliminating the malware.

    The file poses as Kaspersky Mobile Security and it is actually a version of SandroRAT, a remote access tool devised for Android, whose source code has been put on sale on HackForums since December last year.

    According to McAfee mobile malware researcher Carlos Castillo, the package distributed by the phishing campaign is capable of executing several commands on the affected device and it can be used for stealing sensitive details and uploading them to a command and control (C&C) server.

    The researcher says that the malware gives the attacker unrestricted access to the contact list, call logs and short text messages stored on the phone. Moreover, they can access the browsing history, bookmarks, and GPS location data.

    More details & screenshot -
    http://news.softpedia.com/news/Android-SandroRAT-Poses-as-Kaspersky-Mobile-Security-453358.shtml
     
    snoopy, Aug 4, 2014
    #1

Share This Page