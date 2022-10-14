

How spyware hides in apps already on your phone

By Grant Gross
WashingtonExaminer
 3 days ago

A new piece of spyware, hiding within downloadable Android apps, is targeting Middle Eastern smartphone users and can steal their contact lists, see their location data, and read files on their devices.

The so-called RatMilad spyware, discovered by mobile security provider Zimperium, was originally hidden in an app called Text Me, which was supposedly a virtual private network and phone number spoofing tool, Zimperium said in a blog post. Such apps are commonly used by social media users in countries where access is restricted, the company said.

RatMilad isn’t available in the Android app store, but instead is being distributed through links in social media and in communication apps, Zimperium said. The malware can perform a wide range of spying functions, such as accessing the victim’s contact list and call logs and seeing the phone’s SIM card information.

“Over the past few years, mobile spyware has gone from being a core tool of government and intelligence-gathering organizations operating in the shadows to a threat accessible by everyone to target anyone,” Zimperium researchers wrote. “As smaller spyware organizations rise up, using established distribution models to share new and updated code, along with malware as a service offering through the dark web, the barrier of entry for spyware lowers.”

The spyware campaign, distributed through communications apps, isn’t surprising, said Dale Waterman, the managing director for the Middle East at Breakwater Solutions, a cybersecurity consulting provider.

“Cybercriminals are using trusted platforms like Telegram and WhatsApp to distribute download links to the spyware because they recognize that many governments in the region do not permit the call functionality of apps like WhatsApp,” he said. “If you consider the number of expats living and working across the Middle East, with many away from immediate family and loved ones, then it becomes obvious why bad actors would use a VPN scam to socially engineer access to devices.”

In addition, many Middle Eastern countries are catching up with stronger privacy laws, such as the General Data Protection Regulation in Europe, he added. “Consumers in the region are therefore completely de-sensitized to being constantly bombarded with unsolicited marketing and offers,” Waterman said. “This reduces the likelihood of consumers questioning the origin of the messages.”

Several cybersecurity experts warned smartphone users against installing apps obtained outside official app stores.

Google and Apple both put apps through comprehensive security checks before allowing them on their app stores, noted Petko Stoyanov, the global chief technology officer at cybersecurity provider Forcepoint. While some malware sneaks through, the app stores offer smartphone users a safer experience, he said.

“Smartphone users should only download applications with a significant number of reviews and stars,” he advised. “No one wants to be patient zero, and you should not download any apps with no reviews.”

In addition, smartphone users should pay attention to which permissions are needed by the apps they install, Stoyanov added. “If a simple calculator app is asking for read/write permission to your photos, it might be more than a calculator,” he said.

Other cybersecurity experts agreed that smartphone users should not download apps outside of official app stores. “Using third-party app stores is risky, and sideloading apps found in random Telegram comments is generally asking for trouble,” said Joe Stewart, the principal security researcher at eSentire, a cybersecurity provider.

While it’s unclear who is distributing RatMilad, it looks like a government spying operation, he said. The spyware was discovered in an enterprise environment, but corporate users aren’t typically looking for VPN and phone number spoofing apps, he said.

“Given the targeting and capabilities of the malware, my guess would be that this malware is being used by the Iranian government to spy on dissidents and protesters,” Stewart said. “The wider distribution of the malicious app over Telegram channels instead of spearphishing, which is more typical for state-sponsored targeting, could be due to the mass protests happening in Iran currently.”
