fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

New FluBot and TeaBot Campaigns Target Android Devices Worldwide

New FluBot and TeaBot Campaigns Target Android Devices Worldwide

New FluBot and TeaBot malware distribution campaigns have been spotted, using typical smishing lures or laced apps against Android users in Australia, Germany, Poland, Spain, and Romania.

The SMS topics used for spreading the FluBot malware include fake courier messages, “Is this you in this video?” coaxes, phony browser updates, and fake voicemail notifications.

Also Read: Website Ownership Laws: Your Rights And What These Protect

The most recent FluBot campaign was tracked by researchers at Bitdefender Labs, who intercepted over 100,000 malicious SMS since December 2021, illustrating the threat actor’s massive volume of distribution.

According to the report, the FluBot operators conduct attacks in short-term waves using different lures for each country.

Upon infecting one device, the malware uses the victim’s contact list to distribute other SMS lures, achieving better infection rates due to recipients’ trust in known contacts and continuous growth.

FluBot distribution has remained active throughout 2021, and the reports about high-volume 2022 activity prove that its operators aren’t ready to call it a day yet.

TeaBot on the rise in the Google Play Store

TeaBot is a different Android banking trojan discovered in January 2021 and has a global reach.

As reported by Bitdefender, TeaBot has made multiple appearances on the Play Store since December 2021.

According to the researchers, TeaBot is distributed to unsuspecting victims via trojanized apps on the Google Play Store, including:

  • QR Code Reader – Scanner App – 100,000 downloads
  • QR Scanner APK – 10,000 downloads
  • QR Code Scan – 10,000 downloads
  • Smart Cleaner – 1,000 downloads
  • Weather Cast – 10,000 downloads
  • Weather Daily – 10,000 downloads
QR code app
QR code app that silently fetches TeaBot
Source: Bitdefender

None of these applications featured malicious functionality, and all offered the promised features, which allowed them to pass the Google Play Store’s review process and reach a wider infection pool.

Also Read: Best Privacy Certification: 3 Simple Steps On How To Achieve

Moreover, the actors actively promoted these apps by paying to appear in Google Ads served within other applications and games.

However, once installed and executed on the victim’s device, the apps started a background service that checked the country code and stopped if the result was Ukraine, Uzbekistan, Uruguay, or the United States.

The app retrieved its configuration for all other victims and fetched an APK from a GitHub repository, which contained a TeaBot variant. At the same time, the apps prompted the user to allow third-party sources to install packages.

Alert to allow the installation via 3rd party sources
Alert to allow the installation via 3rd party sources
ource: Bitdefender

Between December 6, 2021, and January 17, 2022, Bitdefender analysts have counted 17 different versions of TeaBot infecting devices through the listed apps.

The TeaBot campaign illustrates that even when installing software from the Google Play Store, it does not mean that you will always be safe. 

Therefore, it is advisable to remain vigilant with new installations, check user reviews, monitor the app’s network and battery usage, and only grant non-risky permissions.

Remember, this is not the first time that TeaBot has managed to infiltrate the Play Store through laced apps, and it’s unlikely it’ll be the last one.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us