Crash the Party: SecuriDropper Sneaks Malware into Androids – A Dinner Guest You Don’t Want to Invite!

Android malware bypass techniques have taken a comedic turn. Like an uninvited guest, SecuriDropper sneaks past Android’s ‘Restricted Settings’ with a truckload of malware. It’s a Trojan horse in an app’s clothing, offering a malware surprise instead of chocolates. Remember, folks, always double-check your app permissions, unless you enjoy digital Brussels sprouts!

Hot Take:

Hold onto your Androids, folks, because it seems the cyber bad guys have found a new way to play. A cheeky new operation named ‘SecuriDropper’ is dropping by uninvited, bypassing Android’s ‘Restricted Settings’ feature to install malware on devices. It’s like inviting someone over for a cozy dinner and they show up with their entire extended family, a truckload of furniture and a plan to repaint your living room. Rude!

Key Points:

  • SecuriDropper, a new dropper-as-a-service (DaaS) cybercrime operation, has emerged, using a method that bypasses Android’s ‘Restricted Settings’ feature to install malware.
  • ThreatFabric reported in August 2022 that malware developers were already adjusting their tactics to the Restricted Settings measure through a dropper named ‘BugDrop.’
  • The trick is to use the session-based installation API for the malicious Android package (APK) files, which installs them in multiple steps, bypassing Restricted Settings.
  • SecuriDropper infects Android devices by posing as a legitimate app, then installing a second payload, which is malware.
  • To protect against these attacks, Android users should avoid downloading APK files from obscure sources or publishers they don’t know and trust.

Need to know more?

The Trojan Horse of Apps

SecuriDropper is like a Trojan horse - it looks like your typical app, but it's carrying a payload of malware. It's like buying a box of chocolates and finding out it's filled with Brussels sprouts. The dropper gains access by asking for seemingly innocent permissions, then sneakily installs the malware.

A Bug by Any Other Name

BugDrop was the first to utilize this method, proving that if there's a loophole, someone will find it. But don't be fooled by the name - this bug won't drop it like it's hot, it drops it like it's malware.

Bad Apps Bad Apps, What Ya Gonna Do?

SecuriDropper has been seen distributing Ermac trojans disguised as the Chrome browser and SpyNote malware disguised as Google Translate. It's like a costume party where everyone's dressed as a villain.

Sticking it to the Zombinder

ThreatFabric also reports on the re-surfacing of Zombinder, another DaaS operation that 'glues' malicious payloads with legitimate apps. Like adding a little extra 'spice' to your grandmother's secret sauce recipe, except the spice is malware.

Protection is the Best Policy

Android users should avoid downloading APK files from unknown sources and review access permissions for any installed app. It's like double-checking your Halloween candy - you don't want to bite into a chocolate-covered worm.
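
To make the "review access permissions" advice and the dropper-then-payload pattern from the key points concrete, here is an added triage sketch (not from ThreatFabric or the original article). It assumes an app inventory already exported from a device or MDM; the record fields, the `triage` and `app` helpers, and the `com.example.*` packages are constructed for illustration. Background it relies on: Restricted Settings guards Accessibility and Notification Listener access, and a session-installed app records the installing app as its installer.

```python
# Added triage sketch; record fields and SAMPLE_APPS are constructed for illustration.
TRUSTED_INSTALLERS = {"com.android.vending"}  # Google Play; extend per fleet policy
INSTALL_PERM = "android.permission.REQUEST_INSTALL_PACKAGES"
# Genuine package names for the two apps the article says were impersonated.
GENUINE = {"chrome": "com.android.chrome",
           "google translate": "com.google.android.apps.translate"}

def triage(apps):
    """Return {package: [reasons]} for user-installed apps matching the dropper pattern."""
    by_pkg = {a["package"]: a for a in apps}
    findings = {}
    for a in apps:
        reasons = []
        outside_store = a["installer"] not in TRUSTED_INSTALLERS
        # A non-store app able to install packages can stage a second APK.
        if outside_store and INSTALL_PERM in a["permissions"]:
            reasons.append("can-install-other-apps")
        # Familiar label on an unfamiliar package name.
        genuine = GENUINE.get(a["label"].strip().lower())
        if genuine and genuine != a["package"]:
            reasons.append("label-masquerade")
        # Accessibility / notification access is what Restricted Settings guards.
        if outside_store and (a["accessibility"] or a["notification_listener"]):
            reasons.append("sensitive-access-outside-store")
            parent = by_pkg.get(a["installer"])
            if parent and INSTALL_PERM in parent["permissions"]:
                reasons.append("installed-by:" + parent["package"])
        if reasons:
            findings[a["package"]] = reasons
    return findings

def app(package, label, installer, permissions=(), accessibility=False,
        notification_listener=False):
    """Build one inventory record (hypothetical schema)."""
    return {"package": package, "label": label, "installer": installer,
            "permissions": set(permissions), "accessibility": accessibility,
            "notification_listener": notification_listener}

SAMPLE_APPS = [  # constructed sample inventory, user-installed apps only
    app("com.android.chrome", "Chrome", "com.android.vending"),
    app("com.example.securityupdate", "Security Update", None, [INSTALL_PERM]),
    app("com.example.chr0me", "Chrome", "com.example.securityupdate", accessibility=True),
    app("com.example.notes", "Notes", "com.android.vending", [INSTALL_PERM]),
]

if __name__ == "__main__":
    for pkg, reasons in triage(SAMPLE_APPS).items():
        print(pkg, "->", ", ".join(reasons))
```

Preinstalled system apps have no installer of record either, so filter them out before running the check.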