Antidot Mobile Malware Posing as Google Play Update Hijacks Device Control

 

Cybersecurity analysts have identified a new threat targeting Android smartphones known as Antidot, a banking Trojan disguised as a legitimate Google Play update app.

This sophisticated malware deceives users into downloading it by masquerading as a genuine app update from Google Play. Once installed, Antidot gains control over the majority of infected devices, posing a significant risk to users’ personal and financial information.

Antidot possesses a wide range of malicious functionalities, including keylogging, overlay attacks, SMS exfiltration, screen captures, and password theft. Moreover, it can be remotely controlled by its operators, enabling them to execute commands on the compromised device.

This level of control grants attackers the ability to manipulate the device remotely, potentially causing severe consequences for the victim. According to reports from Broadcom, the malware communicates with its command-and-control (C2) servers via HTTP or WebSocket connections, facilitating the exchange of information between the attackers and the infected device.

The malware has been categorized into various groups by cybersecurity experts, such as AdLibrary: Generisk and Android.Reputation.AppRisk: Generisk, to address the risks posed to mobile devices. Symantec, a leading cybersecurity firm, has integrated domains and IPs associated with Antidot into its WebPulse-enabled products’ security groups, providing protection against web-based threats.

Users are advised to exercise caution when downloading apps, even from trusted sources like Google Play, and to verify the authenticity of updates and applications before installation. Additionally, keeping security software up to date and enabling real-time protection can help mitigate the risk of encountering such malware.

As cyber threats continue to evolve, it is essential for individuals to remain vigilant and adopt robust cybersecurity practices to safeguard their personal and financial information from threats like Antidot. Symantec, a renowned cybersecurity provider, remains committed to enhancing user safety by implementing measures to mitigate the impact of emerging threats.

Source: cybersecuritynews.com
