Apr 09, 2014 10:44 AM EDT
FireEye recently announced last month, a recent targeted attack on a US-based financial institution that points to a new strategy for black market hackers: optimizing for Android. The new tool is called WinSpy. WinSpy indicates RATs (Remote Administration Tools) targeting Windows systems are beginning to optimize for Android as cyber criminals continue to move their focus towards mobile malware.
According to FireEye, WinSpy enables hackers to surveil and retrieve screenshots from infected devices, further proof that we are officially in the age of digital surveillance and intellectual property theft. The company recently observed a targeted attack on a U.S.-based financial institution via a spear-phishing email. The payload used in this campaign is a tool called WinSpy, which is sold by the author as a spying and monitoring tool. The features in this tool resemble that of many other off-the-shelf RATs (Remote Administration Tools) available today.
The company also observed a second campaign by a different attacker where the WinSpy payload was implanted in macro documents to attack various other targets in what appears to be a spam campaign. FireEye’s recent blog post states that the command-and-control (CnC) infrastructure used in the attack against the financial institution is owned and controlled by author of WinSpy.
While analyzing the windows payloads for WinSpy, the company also discovered that it also had Android spying components, which we have dubbed GimmeRat. The Android tool has multiple components allowing the victim’s device to be controlled by another mobile device remotely over SMS messages or alternatively through a Windows-based controller.
FireEye also describes the Windows-based controller is simplistic and requires physical access to the device. The recent surge in Android-based RATs such as Dendroid and AndroRAT shows a spike in the interest of malicious actors to control mobile devices. GimmeRAT is another startling example of malicious actors venturing into the Android ecosystem.
2. Sep 15, 2021
5 Strategies to Help Bloggers Deal With Criticism Online
3. Aug 05, 2021
6 Reasons Your Technology is Outdated and Costing You Money
4. Aug 05, 2021
4 Questions To Ask When Choosing a Digital Transformation Platform
1. Jul 15, 2021
Social Media and Mental Health: How Technology Affects Wellbeing
2. Jul 15, 2021
This Is Why Android Is a Much Better Platform for People on a Budget
3. Jul 15, 2021
Using Customer Data To Enhance Mobile App Development
4. Jun 18, 2021
If Time Is Money, Here Is How to Reclaim Some of Yours