Fake Skype, Signal Apps Used to Spread Surveillanceware

2020-04-23 13:48

Cybercriminals are increasingly peddling booby-trapped version of popular apps such as Skype and Signal that contain surveillanceware.

Apurva Kumar, security intelligence engineer at Lookout, said that one such surveillanceware family that's been spotted using this tactic is Monokle, a sophisticated set of custom Android surveillanceware.

Lookout had a really interesting session at the RSA conference about surveillanceware and specifically a new surveillanceware called Monokle that you had discovered.

Another technique is using trojan applications, which Monokle does use, and that's basically they take a legitimate application, unpack it, inject some malicious functionality and then repackage it and perhaps spread it using, I don't know, maybe some social engineering technique like phishing or something like that, and then market it to whoever or put it in front of the person who they may want to target.

Because it's familiar, so it gets packaged as something like, for example, Monakle was packaged as apps like Signal or Skype, so it may be a well known application, so it becomes easier for the user to want to install it, and then they get infected with the malware.

News URL

https://threatpost.com/fake-skype-signal-apps-used-to-spread-surveillanceware/155053/

#signal #skype

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Signal		3	2	9	2	1	14