A new malicious campaign on the Google Play Store targeting Android devices dubbed PhantomLance has been discovered. According to the security researchers, the campaign has been active since at least 2015 and is ongoing. The campaign features multiple versions of sophisticated spyware that was created to gather the data of victims and targeted devices.
Another hallmark of the campaign is that it used smart distribution tactics such as distribution via dozens of applications on the Google Play store, according to researchers at Kaspersky. The spyware campaign also used alternative Android app stores for distribution such as APKpure and APKCombo. Kaspersky researchers say that the PhantomLance spyware overlapped with other attacks that targeted Windows and MacOS that were attributed toa hacker group known as OceanLotus believed to be based in Vietnam that was also tracked as APT32.
Researchers say that the malware used in this particular campaign is a lot more complicated than the typical malware used by cybercriminals to steal financial information and credentials from Southeast Asian Android users. The majority of users impacted by this campaign are located in Vietnam, with a small number located in China. Information that the malware campaigns are targeting included information about geolocation, call logs, contacts, text messages, lists of installed apps, and device information.
Kaspersky researchers say that the threat actor was able to download and execute various malicious payloads allowing it to adapt the payload making it suitable to a specific environment. Researchers say that the methods allow the threat actor to avoid overloading the application with unnecessary features while gathering the desired information. The researchers do say that the backdoor apps that they discovered have been removed from the Play Store, but they persisted in the unofficial app marketplaces. These apps were first uploaded without any malicious payloads or code required to drop the malicious payloads on the compromise devices. The malicious behaviors were added via updates. Malware is a problem for all devices and is a big issue for email users. Google said not long ago that it blocks 18 million malicious emails per day.
Sony is going all-out to sell more PlayStation 5 consoles
Embracer spends more on platform fees than it does on games development
The Google Pixel 8 leaks continue with new renders and color options
Apple explains why you'll need USB-C AirPods Pros to get lossless audio on your Vision Pro
Apple's FineWoven iPhone 15 cases were put through the iFixit wringer and it didn't go well.
MAINGEAR MG-1 Silver Gaming PC Review
MSI Immerse GH50 Wireless Gaming Headset Review
TeamGroup T-Force Z540 2TB SSD Review - Fastest Retail SSD to Date
Ace Magician AMR5 "Ryzen 5800U" Mini PC Review
XPG Core Reactor II 850w ATX 3.0 80 PLUS Gold PSU Review
Gran Turismo Cinema Review
Phison E26 Max14um ES 2TB SSD World Exclusive Preview - Fastest in history
First-Person Shooter documentary review: Chronicle of Carnage
Indiana Jones and the Dial of Destiny Cinema Review
Power all your gaming needs with MSI's ATX 3.0 and PCIe 5 range of PSUs