A newly uncovered form of Android malware secretly steals sensitive data from infected devices – including full audio recordings of phone calls – and stores it in cloud storage accounts.
An invasive form of spyware, RedDrop harvests information from the device, including live recordings of its surroundings, user data including files, photos, contacts, notes, device data and information about saved Wi-Fi networks and nearby hotspots.
Described by the cybersecurity researchers at security company Wandera who uncovered it as “one of the most sophisticated pieces of Android malware” not only do those behind RedDrop use a wide variety of differing lures to infect victims, they’ve also gone out of their way to ensure that users are completely unaware that their phone is infected.
That is at least until they receive a high phone bill, due to the malware secretly sending SMS messages to a premium rate service in addition to its spyware activities. In one example studied, a message was sent to a premium rate service every time the victim interacted with the malicious app, while all evidence of messages being sent is hidden from the user.
A total of 53 apps are used to distribute the malware, with malicious lures disguised as a range of tools including calculators, image editors, language learning aids, adult content and more.
Submitted by: Arnfried Walbrecht