Threat actors exploit consumer trust in legitimate government apps to plant malicious packages
AMSTERDAM - nvtip -- EclecticIQ, the global provider of cyber threat intelligence (CTI) technology solutions, has teamed up with fraud and cybercrime prevention experts at ThreatFabric to publish the findings of an investigation into instances of threat actors actively pushing malicious Android packages disguised as legitimate contact tracing applications.
Key analysis points by ThreatFabric and EclecticIQ reveal that:
- Threat actors have been disguising Android packages as legitimate government-backed contact tracing applications for financial gain.
- There is evidence to suggest that actors have used repackaged commodity and open-source malware to lower the investment required in the observed campaigns.
- Third-party port forwarding and secure tunneling services have probably been used to provide anonymization to command and control (C2) infrastructure.
- The Android packages were probably delivered through links pointing to phishing pages.
The findings of the report suggest that threat actors will almost certainly continue to use commodity and open source-based malware disguised as legitimate contact tracing applications for financial gain. The low barrier to entry provided by these tools and the continued rollout of contact tracing applications by nations present continued financial opportunity for cybercriminals into the near future. Malicious actors have shown their willingness to exploit the current pandemic by targeting legitimate contact tracing applications consistently in recent months. Samples analyzed by EclecticIQ and ThreatFabric researchers had an earliest estimated build time of April 12th, 2020, with the latest being June 23rd, 2020.
Peter Ferguson, Cyber Threat Intelligence Specialist at EclecticIQ's Fusion Center commented:
"Users should never download contact tracing Android applications from links sent to them or from third-party stores. If they are interested in downloading their nation's contact tracing application, they should use the official site or the Google Play Store."
Gaetan van Diemen, General Manager at ThreatFabric commented:
"Threat actors have become very efficient in tricking users into downloading and installing a phenomenal variety of malicious apps on their mobile devices. To avoid fraud and brand or reputation damage, we strongly recommend app developers and online service providers to adapt their security strategy based on the factual evolution of the mobile threat landscape."
Additional Resources:
- Read full report here
About EclecticIQ
EclecticIQ enables intelligence-powered cybersecurity for government organizations and commercial enterprises. We develop analyst-centric products and services that align our clients' cyber security focus with their threat reality. The result is intelligence-led security, improved detection and prevention, and cost-efficient security investments.
Our solutions are built specifically for analysts across all intelligence-led security practices such as threat investigation and threat hunting, as well as incident response efforts. We tightly integrate our solutions with our customers' IT security controls and systems. EclecticIQ operates globally with offices in Europe, the United Kingdom and North America, and via certified value-add partners.
Learn more at www.eclecticiq.com
About ThreatFabric
ThreatFabric helps financial institutions protect their online services, stop fraud and enhance customer experience. Powered by threat intelligence, ThreatFabric's solutions offer a holistic approach to risk detection and fraud prevention. MTI (Mobile Threat Intelligence) provides global visibility and context on the mobile banking threat landscape. It is the threat intelligence solution to use to protect personal data, customers and brand from financially motivated threat actors. It includes the strategic overview of threats and context as well as all relevant technical indicators. CSD (Client Side detection) provides the answer to the constantly evolving fraud landscape and regulatory challenges. It is an omnichannel solution that empowers financial institutions to proactively detect known and unknown threats to mitigate fraud and build trust across their online services.
Learn more at www.threatfabric.com
Source: EclecticIQ