AridSpy

Description

(ESET) ESET Research discovered three-stage Android malware, which we named AridSpy, being distributed via five dedicated websites. AridSpy’s code is in some cases bundled into applications that provide legitimate functionality. While the first stage of AridSpy has been documented previously, here we also provide a full analysis of its previously unknown later stages. AridSpy is a remotely controlled trojan that focuses on user data espionage. We detected six occurrences of AridSpy, in Palestine and Egypt. We attribute AridSpy with medium confidence to the Arid Viper APT group.

Names

Name
AridSpy

Category

Malware

Type

  • Backdoor

Information

Other Information

UUID

45b4cf25-3d0c-4a30-982a-00daa6fc4c3d

Last Card Change

2024-06-19