fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Android Malware Found Embedded In APKPure Store Application

Android Malware Found Embedded In APKPure Store Application

Security researchers found malware embedded within the official application of APKPure, a popular third-party Android app store and an alternative to Google’s official Play Store.

Android users use the application to install apps and games hosted on APKPure’s platform, supposedly identical to those available through the Play Store.

The malware was discovered by Kaspersky and Dr.Web malware analysts embedded within an advertisement SDK included with APKPure version 3.7.18.

As they discovered, it looks like a variant of the Triada trojan first spotted by Kaspersky in 2016 [12], capable of spamming users of infected devices with ads and deliver additional malware.

Also Read: PDPA Singapore Guidelines: 16 Key Concepts For Your Business

APKPure interface

“The identified malicious code embedded in APKPure operates in the following way: upon launch of the application, the payload is decrypted and launched,” Kaspersky said. “It then collects information about the user device and sends it to the C&C server.”

“Then, a Trojan is loaded that has much in common with the notorious Triada malware, in that it can perform a range of actions – from displaying and clicking ads to signing up for paid subscriptions and downloading other malware.”

Next, depending on its operators’ instructions and monetizing scheme (ads or pay-per-install), it will:

  • show ads every time the Android device is unlocked,
  • repeatedly open web pages containing ads,
  • click the ads to sign up for paid subscriptions,
  • install other payloads or potentially malicious software without the users’ consent.

The damage inflicted by this trojan varies depending on the Android version running on the compromised devices, ranging from being signed up for paid subscriptions and seeing intrusive ads on current versions to having unremovable malware like xHelper deployed on the system partition.

Device information collected by the malware (Kaspersky)

While no official download stats are available for the APKPure app, Kaspersky says that it has so far blocked the malware on the devices of 9,380 Android users running its security solutions on their devices.

Both Kaspersky and Dr.Web reported their findings to APKPure’s developers, who have released APKPure 3.17.19 today without the malicious code.

Indicators of compromise, including APKpure app, payload, and malware sample hashes, are available at the end of Kaspersky’s report.

Also Read: Data Protection Officer Singapore | 10 FAQs

BleepingComputer has reached out to APKPure’s development team for more information but has not heard back.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us