Mysterious family of malware hid in Google Play for years


Mandrake's ability to go unnoticed was the result of designs not often seen in Android malware.

- Not working in 90 countries, including those comprising the former Soviet Union
- Delivering its final payload only to victims who were extremely narrowly targeted
- Containing a kill switch the developers named seppuku (Japanese form of ritual suicide) that fully wiped all traces of the malware
- Fully functional decoy apps in categories including finance, Auto & Vehicles, Video Players & Editors, Art & Design, and Productivity
- Quick fixes for bugs reported in comments
- TLS certificate pinning to conceal communications with command and control servers.

“The Mandrake spyware is evolving dynamically, improving its methods of concealment, sandbox evasion, and bypassing new defense mechanisms,” Kaspersky researchers Tatyana Shishkova and Igor Golovin wrote.

A key feature of the latest generation of Mandrake is multiple layers of obfuscation designed to prevent analysis by researchers and bypass the vetting process Google Play uses to identify malicious apps.
