Three apps, uploaded by Sun Team, steal user information from the devices they are installed on
HYDERABAD, MAY 18
Cyber experts at McAfee have detected the return of a hacker group that had placed a few malware-laden apps on the Google Play platform, which can steal information from mobile devices. “We found three apps uploaded by the actor we named Sun Team, based on email accounts and Android devices used in the previous attack. While one is a food ingredient app, the other two are app-lock apps,” a McAfee expert said.
These apps, when downloaded, secretly steal device information and receive commands and additional executable (.dex) files from a cloud control server. Once downloaded, the malware would spread to friends, asking them to install the apps and offer feedback via a Facebook account with a fake profile that heavily promotes the hacker source.
“This malware campaign used Facebook to distribute links to malicious apps that were labelled as unreleased versions. From our analysis, we conclude that the actor behind both campaigns is Sun Team,” the Internet security solutions company said.
How to be safe
“Be cautious when installing unreleased or beta versions of any app. Also, check the number of downloads to see if an app is widely installed. Make it a point to avoid obscure apps,” it said. “Always keep your mobile security application updated to the latest version. The most worrying thing about this Sun Team operation is that they use photos uploaded on social network services and identities of South Koreans to create fake accounts,” it said.
“We have found evidence that some people have had their identities stolen; more could follow. They are using texting and calling services to generate virtual phone numbers so they can sign up for South Korean online services,” it added.