Tech News
Mandrake Android Malware Creeps Up On Google Play Store Again
Years after targeting Android malware, the seemingly dormant Mandrake malware reemerges with a sneaky campaign. Researchers found Mandrake quietly existing on the Google Play Store for at least a year, infecting thousands of users.
Mandrake Malware Sneakily Infected Numerous Play Store Apps
According to a recent report from Kaspersky, Mandrake Android malware has reappeared on the Google Play Store. The notorious spyware was found in five different applications on the Play Store and remained there for 2022 and 2024, garnering 32,000 downloads.
Mandrake malware first became known in 2020 when Bitdefender spotted it targeting Android users. Since then, the malware has enhanced its maliciousness, as evident by its recent variant.
Kaspersky researchers noticed “layers of obfuscation” in the malware code, which might have helped the malicious apps bypass Google Play Store security checks. Moreover, the malware also applies a stealthy communication strategy with its C&C server. It uses certificate pinning to prevent SSL traffic snooping. In addition, it applies various sandbox evasion and anti-analysis techniques to remain under the radar.
The researchers found the new Mandrake variant upon analyzing a suspicious app. In total, they found the following five apps from three developers carrying the malware.
| Application name on Google Play Store | App package | Developer name |
| AirFS | com.airft.ftrnsfr | it9042 |
| Astro Explorer | com.astro.dscvr | shevabad |
| Amber | com.shrp.sght | kodaslda |
| CryptoPulsing | com.cryptopulsing.browser | shevabad |
| Brain Matrix | com.brnmth.mtrx | kodaslda |
All five apps appeared on the Google Play Store in 2022 and stayed there until 2023, except one, AirFS, which was last updated in March 2024 before being removed. The latter also seemed to be the most popular app of all five, attracting over 10,000 downloads.
In their report, the researchers have presented a detailed technical analysis of the new Mandrake variant. While the exact entity of the threat actor behind the latest campaign remains unknown, Kaspersky believes it must be the same threat actor group that first executed the 2020 campaign caught by Bitdefender.
As for the victims, most users belong to the UK, Germany, Canada, Mexico, Spain, Italy, and Peru.
Let us know your thoughts in the comments.
Zelenskyy says ready to quit as president in exchange for Ukraine’s NATO membership
These are the text messages that allegedly got a former Bungie executive fired, according to a court document written by Sony
US AI Safety Institute could face big cuts
Ditch storage limits with a 2TB lifetime cloud storage plan
German far-right party AfD could see historic gains in this election. Here’s why – National
3 Reasons to Grow Your Family’s Ability to Hope
Trump targets college affirmative action — DOJ, start here
Pachinko comedy adventure game Jump the Track announced
Everything new in Marvel Rivals Season 1.5 update
Get a $199 Scosche multi-device charging dock for just $39 right now
Singapore Airlines CEO set to join board of Air India, BA News, BA
Bangladeshi police agents accused of selling citizens’ personal information on Telegram
Croatia to reintroduce compulsory military draft as regional tensions soar
The Criterion Collection announces November 2024 releases, Seven Samurai 4K and more
Satisfy Your Meat and BBQ Cravings While in Texas
The Top 20 Motivational Instagram Accounts to Follow (2024)
15 Best Magnetic Tile Race Tracks for Kids!
15 of the Best Trike & Tricycles Mums Recommend
Soccer team’s drone at center of Paris Olympics spying scandal
Have Unlimited Korean Food at MANY Unlimited Topokki!
-
Destination5 months agoSingapore Airlines CEO set to join board of Air India, BA News, BA
-
Tech News9 months agoBangladeshi police agents accused of selling citizens’ personal information on Telegram
-
Breaking News6 months agoCroatia to reintroduce compulsory military draft as regional tensions soar
-
Gaming6 months agoThe Criterion Collection announces November 2024 releases, Seven Samurai 4K and more
-
Guides & Tips7 months ago
Satisfy Your Meat and BBQ Cravings While in Texas
-
Toys7 months ago15 Best Magnetic Tile Race Tracks for Kids!
-
Motivation9 months agoThe Top 20 Motivational Instagram Accounts to Follow (2024)
-
Toys8 months ago15 of the Best Trike & Tricycles Mums Recommend