Russian Military and Organizations Under Siege: Android Spyware and Windows Backdoor Unleashed
Russian military personnel, beware! A new malicious campaign is targeting you with Android spyware disguised as the Alpine Quest mapping software. The spyware, Android.Spy.1292.origin, collects sensitive data and monitors locations. Remember, if the app sounds too good to be true, it probably has a Trojan horse in it! Stick to trusted app marketplaces.
Hot Take:
Looks like the Russian military can’t catch a break, even in the digital world. Maybe they should stick to good old-fashioned paper maps and carrier pigeons. At least you can’t Trojan horse a pigeon. And as for the backdoor masquerading as a secure update, it’s like finding out your diet soda is just regular soda in disguise. Talk about a betrayal!
Key Points:
- Russian military personnel are being targeted with Android spyware disguised as Alpine Quest mapping software.
- The spyware, Android.Spy.1292.origin, is distributed via fake Telegram channels and Russian Android app catalogs.
- Infected apps collect sensitive data, including geolocation and contact lists, and can download additional malicious modules.
- Kaspersky disclosed a separate attack on Russian organizations via a backdoor posing as a ViPNet software update.
- The backdoor enables attackers to connect to a C2 server, steal files, and execute further malicious actions.
Already a member? Log in here