CyberWisdom Safe Harbor Commentary on RedDrop Malware:
RedDrop malware contains many parameters to steal sensitive data from victim devices, such as photos, contacts, images, nearby WiFi network data, and application data.
RedDrop malware was first discovered by mobile security company Wandera. Based on their findings, the malicious applications include utilities such as image editors and calculators, as well as entertainment applications covering topics such as space exploration or learning new languages. The malware was found to be more prevalent in China, and its creators use more than 4,000 domain names to distribute it.
The researchers said: “We believe that the organization has developed this complex CDN to confuse the source of malware and make it harder for security teams to find the source of the threat.”
How RedDrop malware enters your device
- Users search for Android applications on Baidu.
- When the user clicks a poisoned search result, it redirects through several URLs and arrives at the store.
- Once the user installs and opens the new application, it sends the device details to the C&C server. Seven more malicious applications are then installed silently.
- In addition, it requests intrusive permissions up front so that it does not have to ask the user for permission again.
- Later it subscribes the victim's phone to a premium SMS service, and it can also destroy incoming SMS messages.
- The malware also steals saved files (photos, contacts, images), recordings of sounds around the device, device info, SIM card info, and application and web data.
Stolen data is uploaded to a remote file storage system for extortion purposes.
The researchers said that “a malicious application works like an adult game and users have to rub the screen to reveal an attractively dressed woman.” Each time the user rubs the screen, an SMS message is sent to a premium service.
RedDrop Malware Remedy
Common defenses against mobile threats:
- Carefully consider the permissions the application requires.
- Download applications from a trusted source.
- Keep up with the latest version.
- Encrypt your device.
- Back up important data frequently.
- Install anti-malware on your device.
- Maintain a strict CIA cycle.
Also, Android P restricts background applications from accessing the camera when the device is idle.
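To make the "consider the permissions" advice concrete, here is an added example (not from Wandera or the original article) that audits a decoded AndroidManifest.xml against the behaviours described above. The behaviour-to-permission mapping, the threshold, and the sample manifest are assumptions constructed for illustration, not RedDrop's actual manifests.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumed mapping from the behaviours described above to the Android
# permissions each would need; not taken from RedDrop's real manifests.
BEHAVIOUR_PERMISSIONS = {
    "premium SMS subscription": {"SEND_SMS"},
    "intercepting incoming SMS": {"RECEIVE_SMS", "READ_SMS"},
    "recording surrounding audio": {"RECORD_AUDIO"},
    "reading contacts": {"READ_CONTACTS"},
    "reading stored photos and files": {"READ_EXTERNAL_STORAGE"},
    "collecting nearby WiFi data": {"ACCESS_WIFI_STATE"},
    "reading device and SIM info": {"READ_PHONE_STATE"},
    "installing further apps": {"REQUEST_INSTALL_PACKAGES", "INSTALL_PACKAGES"},
}

def requested_permissions(manifest_xml):
    """Return the short names of all <uses-permission> entries."""
    root = ET.fromstring(manifest_xml)
    names = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = node.get(ANDROID_NS + "name", "")
            names.add(name.rsplit(".", 1)[-1])
    names.discard("")
    return names

def audit(manifest_xml, threshold=3):
    """Map requested permissions to behaviours; flag if >= threshold match."""
    perms = requested_permissions(manifest_xml)
    hits = {b: sorted(perms & needed)
            for b, needed in BEHAVIOUR_PERMISSIONS.items() if perms & needed}
    return {"behaviours": hits, "suspicious": len(hits) >= threshold}

# Constructed sample: a "calculator" app asking for far more than it needs.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.calculator">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
</manifest>"""

if __name__ == "__main__":
    report = audit(SAMPLE_MANIFEST)
    for behaviour, perms in report["behaviours"].items():
        print(f"{behaviour}: {', '.join(perms)}")
    print("suspicious:", report["suspicious"])
```

The manifest inside an APK is stored as binary XML, so decode it first (for example with apktool) before passing it in. When the manifest comes from an untrusted APK, parse it with a hardened parser such as defusedxml instead of the standard library.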
A new, sophisticated and more aggressive Android malware strain dubbed RedDrop contains a number of functions that cause financial and data loss on infected devices. The RedDrop malware was found in more than 53 apps.