GlanceLove

Description

(Check Point) About 100 people fell victim to the attack that came in the form of fake World Cup and online dating apps that had been uploaded to the Google Play Store, the official app store of Google.

Once the apps were installed onto the victims’ phones, the highly invasive malware was then able to carry out a number of malicious activities:

• Record the user’s phone calls. • Take a picture when the user receives a call. • Steal the user’s contacts. • Steal the user’s SMS messages. • Steal all images and videos stored on the mobile device and information on where they were taken. • Capture the user’s GPS location. • Take random recordings of the user’s surroundings. • Steal files and photos from the mobile device’s storage.

Names

Name
GlanceLove
WinkChat

Category

Malware

Type

• Backdoor
• Info stealer
• Exfiltration

Information

• https://blog.checkpoint.com/2018/07/05/an-invasive-spyware-attack-on-military-mobile-devices/
• https://symantec-blogs.broadcom.com/blogs/expert-perspectives/goldencup-new-cyber-threat-targeting-world-cup-fans
• https://securelist.com/breaking-the-weakest-link-of-the-strongest-chain/77562/
• https://www.clearskysec.com/glancelove/

Malpedia

• https://malpedia.caad.fkie.fraunhofer.de/details/apk.glancelove

Other Information

Uuid

bac795fd-7799-42f2-920c-eb6d4d4c12e9

Last Card Change

2020-05-13