Security News > 2021 > September > BladeHawk Attackers Target Kurds with Android Apps

BladeHawk Attackers Target Kurds with Android Apps
2021-09-09 11:26

Attackers have been targeting the Kurdish ethic group for more than a year through an Facebook-based spyware campaign that disguises backdoors in legitimate Android apps, researchers have found.

The campaign disguises the 888 RAT in Android apps using dedicated Facebook profiles, researchers aid.

All in all, researchers identified six profiles as part of the BladeHawk campaign, which have been sharing the Android spying apps and targeted about 11,000 followers through 28 unique posts.

Researches downloaded 17 unique Android application packages from these links, some of which pointed directly to the malicious apps.

"All these profiles were created in 2020 and shortly after creation they started posting these fake apps. These accounts, except for one, have not posted any other content besides Android RATs masquerading as legitimate apps."

Attackers also shared espionage apps to public Facebook groups, most of which support of Masoud Barzani, the former president of the Kurdistan Region, Stefanko said.


News URL

https://threatpost.com/bladehawk-attackers-kurds-android/169300/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Android 4 0 17 2 0 19