It is a common technique for criminals to target gaming applications as a propagation vector for malware distribution. Recently, I observed just such a malicious Android app, which acted as an interesting information stealer and then self-destructed. I took this case to investigate further as an interesting piece of research.
Introduction: Advanced Persistent Threats (APTs) are a growing and serious concern, as they represent a threat to an organization’s intellectual property, financial assets and reputation. In some cases, these threats target critical infrastructure and government institutions, thereby threatening the country’s national security itself. Defensive tools and other controls are frequently rendered ineffective because the […]
In an earlier blog post I published a summary of our findings from a malware analysis we had done, which had a number of points in common with the Norman “Hangover” report. At that stage the full report was not published, as I had initially wanted to share it with law enforcement agencies in India, which I […]
In early 2012, a client contacted us about suspicious-looking emails he had received. The client had received two such emails. While we completed the investigation and submitted the report to the customer at that time, we never took the case forward. However, when the Norman Hangover report was published it rang a few […]
We often receive SMS messages on our cell phones like the one shown below: Typically a phone number to call or a website link is given, which asks the user to provide his/her personally identifiable information – bank account number, PIN, or credit card number – to claim the prize money. When an […]
For my research, I chose to analyze a popular Android application for malware. But why select a Russian version? Well, as I later found out during my research, it made a compelling case study from an analysis perspective. The application I selected was a popular game called FruitNinja, downloaded from a Russian fake Android store (Figure 1). Figure […]
Some days back I was greeted by a Google Safe Browsing warning when I tried visiting a ‘known’ site. As I was sure it was supposed to be a clean and harmless site, I thought it would be good to dig further into this problem. The trail led to an interesting amount of code, concepts and techniques. […]