New “GnatSpy” Mobile Malware Stealing data Such as Images, Text messages, Contacts, and Call History
A newly emerging mobile malware GnatSpy capable of abusing infected mobile and stealing various type of data such Images, Text messages, Contacts, and Call History.
GnatSpy is a new variant of VAMP which is dangerous Google Android malware family that mainly targeting mobiles to stealing sensitive data.
This malware family detected as ANDROIDOS_GNATSPY. since distribution actor has not cleared identified, though researchers believe that threat actors sent them directly to users to download and install on their devices.
GnatSpy mobile malware mimics as “Android Setting” or “Facebook Update” to make users believe they were legitimate.
VAMP is an earlier version of this GnatSpy and its behavior altered by Gnatspy mobile malware and adding some sophisticated future later it spreading across to specific targeted groups or individuals.
GnatSpy Mobile Malware Improved capabilities and Working Function
some of the futures are very similar to VAMP variant but it newly evolved with some sophisticated threat actor and behavior.GnatSpy’s app structure has completely improved and More receivers and services have been added by this malware author and researchers believe that malware author is sound knowledge of software design practices.
Old and new receivers and services
To perform an evasion technique to avoid detection, this malware using Java annotations and reflection methods.
Earlier versions of VAMP contained the C&C server used in a simple plain text, making detection by static analysis tools easier..but new variant using hardcoded in the malicious app’s code.
Hardcoded C&C Server
Here, hardcoded URL malware is not the final C&C server but it again sends back to the original location of the actual C&C server.
Request and response pair for C&C server
In this case, many of GnatSpy used servers are a newly registered
server. and registered person names appear to have been directly taken
from various television shows.An earlier version of this malware makes System Manager on Huawei devices to grant permissions to itself and similarly, Xiaomi devices also granted permission.
But the new version has spread with highly sophisticated techniques and it targets including several function calls targeting newer Android versions (Marshmallow and Nougat).
Code for Marshmallow and Nougat Android versions
“More information about the device is stolen as well, including
information about the battery, memory and storage usage, and SIM card
status. Curiously, while previous samples collected information about
the user’s location via OpenCellID, this is no longer done by GnatSpy.”
Trend Micro said.
Do you need to increase your credit score?
ReplyDeleteDo you intend to upgrade your school grade?
Do you want to hack your cheating spouse Email, whatsapp, Facebook, instagram or any social network?
Do you need any information concerning any database.
Do you need to retrieve deleted files?
Do you need to clear your criminal records or DMV?
Do you want to remove any site or link from any blog?
you should contact this hacker, he is reliable and good at the hack jobs..
contact : cybergoldenhacker at gmail dot com
Hello
ReplyDeleteWe are professional traders, earning on forex and binary for investors weekly, will love to tell you all more about our investment platform where you can invest funds as little as $200 and start earning $2500 weekly, alot of people has benefited from this investment offer before and during this convid-19 virus, if you passing through financial difficulties due to this coronavirus and you need help paying bills simply choose a suitable investment plan for yourself and start making profit weekly
$500 to earn $5,000 in 7 days
$1000 to earn $10000 in 7 days
$5000 to earn $50000 in 7 days
To Start your investment now contact Via whatsapp: (+12166263236)
email: carlose78910@gmail.com
Special thanks to (hackingsetting50@gmail.com) for exposing my cheating husband. Right with me i got a lot of evidences and proofs that shows that my husband is a fuck boy and as well a cheater ranging from his text messages, call logs, whats-app messages, deleted messages and many more, All thanks to
ReplyDelete(hackingsetting50@gmail.com), if not for him i will never know what has been going on for a long time.
Contact him now and thank me later.
Special thanks to (hackingsetting50@gmail.com) for exposing my cheating husband. Right with me i got a lot of evidences and proofs that shows that my husband is a fuck boy and as well a cheater ranging from his text messages, call logs, whats-app messages, deleted messages and many more, All thanks to
ReplyDelete(hackingsetting50@gmail.com), if not for him i will never know what has been going on for a long time.
Contact him now and thank me later.