The New Android Malware AnubisSpy
AnubisSpy- is a new Android malware that targets Arabic-speaking users in the Middle East. Experts say ‘The malware can spy and has extreme data-stealing capabilities.’ It has been linked to cyber espionage campaign called Sphinx that also targets Middle East users.
APT-C15 hacker group are said to be the mastermind behind the Sphinx campaign between 2014 and 2015. They targeted military and political establishment in Israel, Egypt, and other ME countries while stealing critical information. Security experts believe this is the same group who have come out with AnubisSyp malware.
This android malware would pass on as a legitimate app on Google Play and other third-party app stores, and only later security experts came to know this when they spotted around seven such apps, that was part of AnubisSpy. The other apps which researchers believed were also developed by the same hacker group, some of which were created back in 2015. The latest variant must have been created in May 2017.
The blog on Trend Micro reads “These apps were all written in Arabic and, in one way or another, related to something in Egypt regardless of the labels and objects in the apps. The apps mainly used Middle East-based news and sociopolitical themes as social engineering hooks and abused social media to further proliferate. Versions of AnubisSpy posed as social news, promotional, healthcare, and entertainment apps.”
What can the AnubisSpy malware do?
The malware is capable to steal pictures, contacts, videos, email details, browser histories, SMS and calendar schedules. It can even take screenshots, including that of calls and even record audio data. Quite like its name, the malware can spy on victims, activities on social media and even snoop on other social apps like Facebook to WhatsApp, Skype.
The malware has also been designed to delete files on infected devices and can self-destruct to hide its tracks.
The malware can even delete files on the infected device. Trend Micro has informed Google about AnubisSpy malware and looks like they are into analyzing the malware to take necessary action.
Researchers also suggested that going forward, the mobile platform could become cyber espionage actors’ primary frontier. Such a shift may be highly likely given how over the past year, other forms of cybercrime, such as ransomware, also migrated from PC-oriented attacks to targeting mobile users.
Security experts believe that going forward mobile will be at risk with maximum cyber espionage cases in the coming years. In the coming years, there will be a more mobile-oriented attack. According to Trend Micro “While cyber espionage campaigns on Android mobile devices may be few and far between compared to ones for desktops or PCs, AnubisSpy proves that they do indeed occur, and may have been more active than initially thought.”
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.