Researchers at Skycure have discovered a new strain of Android spyware, dubbed Exaspy, that has been used in targeted attacks against high-level executives.Researchers from Skycure discovered an instance of the Exaspy malware that was installed on an Android 6.0.1 device owned by a Vice President at an unnamed company.
Here is how the app installs itself when it runs for the first time:
- Malware requests access to device admin rights
- Asks (nicely) for a licence number
- Hides itself
- Requests access to root (if the device is rooted and managed through popular rooting apps). Once granted, it installs itself as a system package to make its uninstallation process harder.”
Mitigation efforts should include disabling USB debugging and regularly checking an Android’s Device Administrators list and disable components you don’t trust
http://securityaffairs.co/wordpress/53108/malware/exaspy-spyware.html
Leave a Reply
You must be logged in to post a comment.