Researchers have uncovered a malicious campaign where a trojan named Android.Spy.1292.origin is embedded in modified versions of the Alpine Quest mapping app. This malware is particularly concerning as it targets Russian military personnel involved in operations. The trojan not only masquerades as the legitimate app to escape detection but also gathers sensitive data including location, phone numbers, and file information. Furthermore, it has the capability to download additional modules for further spying, making it a significant threat to privacy and security.
Android.Spy.1292.origin not only allows user locations to be monitored but also confidential files to be hijacked, expanding its functionality via new modules.
The attackers hide this trojan inside modified Alpine Quest mapping software and distribute it in various ways, including through one of the Russian Android app catalogs.
Collection
[
|
...
]