Security News > 2022 > August > Cybercriminals Developing BugDrop Malware to Bypass Android Security Features
In a sign that malicious actors continue to find ways to work around Google Play Store security protections, researchers have spotted a previously undocumented Android dropper trojan that's currently in development.
Dubbed BugDrop by the Dutch security firm, the dropper app is explicitly designed to defeat new features introduced in the upcoming version of Android that aim to make it difficult for malware to request Accessibility Services privileges from victims.
ThreatFabric attributed the dropper to a cybercriminal group known as "Hadoken Security," which is also behind the creation and distribution of the Xenomorph and Gymdrop Android malware families.
Banking trojans are typically deployed on Android devices through innocuous dropper apps that pose as productivity and utility apps, which, once installed, trick users into granting invasive permissions.
Notably, the Accessibility API, which lets apps read the contents of the screen and perform actions on behalf of the user, has come under heavy abuse, enabling malware operators to capture sensitive data such as credentials and financial information.
Users are advised to avoid falling victim to malware hidden in official app stores by only downloading applications from known developers and publishers, scrutinizing app reviews, and checking their privacy policies.
News URL
https://thehackernews.com/2022/08/cybercriminals-developing-bugdrop.html
Related news
- Russia targets Ukrainian conscripts with Windows, Android malware (source)
- Android malware "FakeCall" now reroutes bank calls to attackers (source)
- New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls (source)
- New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers (source)
- Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware (source)
- North Korean hackers create Flutter apps to bypass macOS security (source)
- Cyber crooks push Android malware via letter (source)
- Researchers Uncover Malware Using BYOVD to Bypass Antivirus Protections (source)
- Cybercriminals used a gaming engine to create undetectable malware loader (source)
- Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware (source)