Cyber Security Experts Just Discovered A New Trojan Targeting Android Users

Sundar Pichai - Oct 05, 2019


Cyber Security Experts Just Discovered A New Trojan Targeting Android Users

Monokle attacks targeted Android devices through counterfeit applications, compromising the devices’ passwords, PINs, or locking patterns.

Nation-state mobile attacks are on the rise, pressurizing countries, as well as enterprises, to build sufficient security infrastructure that protects against the growing threat of mobile surveillanceware. Pegasus, a spyware invading the operating system of Apple mobile devices, was discovered in 2016. Through a malicious link, Pegasus is able to read text messages, tracking calls, collecting passwords, and interfering with other activities on infected phones, thus compromising users’ privacy.

Mobile surveillanceware becomes more complicated as with the development of antivirus tools and malware detection software. Recently, Monokle appears as a great example of an advanced mobile malware that is described as “never seen in the wild before.”

A Russian Military Contractor Has A Shady New Andr
Monokle is a great example of an advanced mobile surveillanceware.

Monokle was discovered by Lookout, a private IT security company based in California. It is a part of several targeted campaigns carried out by Russian firm Special Technology Center (STC), according to Lookout experts. The firm has been sanctioned by the US Government for having interference in the 2016 US Presidential Elections. 

Abb Russia 2 May 29
Monokle is developed by a Russian-based Special Technology Center (STC).

How dangerous is Monokle?

Monokle was discovered by Lookout, a private IT security company based in California. It is part of several targeted campaigns carried out by the Russian firm Special Technology Center (STC), according to Lookout experts. The firm has been sanctioned by the US Government to have interference in the 2016 US Presidential Elections. 

Mobile Threat Skull
The malware uses an advanced technique of data exfiltration

As described, Monokle attacks targeted Android devices through counterfeit applications of Skype, Google Play, and more. Aiming to steal personal information, it compromises the devices’ passwords, PIN, or pattern during a screen unlock event. Novel techniques make it more effective to exfiltrate data from third-party apps without root access. Above that, the surveillanceware employs predictive-text dictionaries which interpret interested topics to a targeted device. 

Particularly, Monokle is found in a limited set of applications, implying that the malware attacks highly targeted devices. Users will have no doubt when downloading fake apps due to their legitimate functionality. 

Cyber Security 1564142064
Attacks using Monokle are highly targeted.

For these capabilities, Monokle is posing a major security risk for Indian mobile users, including both iOS and Android devices, as said by a senior government official. 

About the Special Technology Center (STC)

In 2016, the Special Technology Center (STC) is supposed to provide material support for an alleged party that has interference in the 2016 US Governmental Elections. Specifically, the company has been supplying Radio Frequency (RF) and Unmanned Aerial Vehicles (UAVs) equipment for the Russian military, as well as other customers of the government. 

Tass14133467
STC is supposed to have interference in the 2016 US Elections

Through STC’s connection to its own antivirus software named Defender that Lookout recognized it as the developer of Monokle. STC also develops other Android security software, both offensive and defensive, that stands the chance of surveillance. 

Comments

Sort by Newest | Popular

Next Story