APT41 Unleashes Android Spyware: New Strains WyrmSpy and DragonEgg Discovered

Introduction

The notorious China-linked nation-state actor, APT41, has recently been discovered to be behind the creation of two new strains of Android spyware. These strains, named WyrmSpy and DragonEgg, have not been previously documented.

Main Points

  • APT41, known for exploiting web-facing applications and infiltrating traditional endpoint devices, now adds mobile endpoints to its arsenal of malware.
  • The Android spyware strains WyrmSpy and DragonEgg have been linked to APT41.

APT41 Expands its Malicious Reach

APT41 has gained notoriety for its expertise in exploiting vulnerabilities in web-facing applications and infecting traditional endpoint devices. These activities have earned it a reputation as a prolific and dangerous threat to organizations and individuals alike.

However, the recent discovery of the Android spyware strains, WyrmSpy and DragonEgg, reveals a new dimension to APT41’s operations. By targeting mobile endpoints, APT41 has expanded its reach to a high-value domain.

WyrmSpy and DragonEgg: Android Spyware Strains

WyrmSpy and DragonEgg are two previously undocumented strains of Android spyware. These malicious programs can infiltrate mobile devices and collect sensitive data without the user’s knowledge.

As their names suggest, WyrmSpy and DragonEgg are stealthy and capable of operating covertly within an Android device. They can gather information such as call logs, text messages, and GPS location, and can even record audio from the device’s surroundings.

This new discovery highlights the advanced capabilities of APT41. By incorporating Android spyware into its toolkit, APT41 has demonstrated that it is constantly evolving and adapting to new technological platforms.

Summary

APT41, a China-linked nation-state actor, has recently been connected to the creation of two new strains of Android spyware. WyrmSpy and DragonEgg, the names given to these malicious programs, have not been previously documented.

APT41, known for its exploitation of web-facing applications and infiltration of traditional endpoint devices, has now expanded its operations to include mobile endpoints. This development reflects the high value of mobile devices as targets for cyberattacks.

The Android spyware strains, WyrmSpy and DragonEgg, are capable of secretly collecting sensitive information from infected devices. These discoveries illustrate APT41’s continuous evolution and adaptation to new technological platforms.

Original Article: https://thehackernews.com/2023/07/chinese-apt41-hackers-target-mobile.html

