Great Motorola Edge deal on Amazon!

McAfee: Apps from the Google Play Store were used to track defectors from North Korea

By
13comments
Android Apps Google
McAfee: Apps from the Google Play Store were used to track defectors from North Korea
Researchers at security software firm McAfee have discovered that a North Korean hacking squad has installed a trio of malware-laden apps in the Google Play Store. The targets are defectors who left North Korea for South Korea. Once the malware is downloaded and installed, it copies contacts, photos and text messages from the victim's device, and sends them to the hackers in North Korea. The three infected apps include one that deals with food ingredients and is aptly named Food Ingredients Info. The remaining two apps are security related and are named Fast AppLock and AppLockFree.

The "Sun Team" contacts its targets through Facebook, trying to get them to open the infected "unreleased" apps. Once a phone or tablet is infected, it receives commands and uploads data through Dropbox and Russia's Yandex.

McAfee sees similarities between the recent malware attacks and one it discovered in January. A North Korean hacking group called "Sun Team" is said to be responsible for both attacks. Information logs discovered by McAfee from Dropbox and Yandex related to the new attack, came from the same test devices used by the Sun Team in the earlier campaign. In addition, the email addresses used by the developer of the new infected apps are the same ones associated with the North Korean squad.

"Our findings indicate that the Sun Team is still actively trying to implant spyware on Korean victims’ devices. (The number of North Korean defectors who came to South Korea exceeded 30,000 in 2016, according to Radio Free Asia.) Once the malware is installed, it copies sensitive information including personal photos, contacts, and SMS messages and sends them to the threat actors. We have seen no public reports of infections. We identified these malwares at an early stage; the number of infections is quite low compared with previous campaigns, about 100 infections from Google Play."-McAfee

Recommended Stories
McAfee informed Google about the infected apps, which have since been removed from the Play Store. The security firm also informed the Korea Internet & Security Agency. 

source: McAfee
https://m-cdn.phonearena.com/images/users/39-200/Alan-F.jpg
Alan Friedman Mobile Tech News Journalist
Alan, an ardent smartphone enthusiast and a veteran writer at PhoneArena since 2009, has witnessed and chronicled the transformative years of mobile technology. Owning iconic phones from the original iPhone to the iPhone 15 Pro Max, he has seen smartphones evolve into a global phenomenon. Beyond smartphones, Alan has covered the emergence of tablets, smartwatches, and smart speakers.

Recommended Stories

Loading Comments...

Popular stories

Even longtime T-Mobile customers will have to put up with slow internet speed policy
Even longtime T-Mobile customers will have to put up with slow internet speed policy
Two more companies want FCC action against T-Mobile for interference from 5G
Two more companies want FCC action against T-Mobile for interference from 5G
The 51 million customers affected by the AT&T data breach are getting free protection for 12 months
The 51 million customers affected by the AT&T data breach are getting free protection for 12 months
Make your Galaxy fingerprint scanner unlock faster as Samsung fixes what One UI 6.1 broke
Make your Galaxy fingerprint scanner unlock faster as Samsung fixes what One UI 6.1 broke
iPhone users warned to disable iMessage temporarily to avoid getting hacked
iPhone users warned to disable iMessage temporarily to avoid getting hacked
T-Mobile will soon have another reason to gloat
T-Mobile will soon have another reason to gloat

Latest News

Verizon's Visible introduces annual plans with discounts up to 26%
Verizon's Visible introduces annual plans with discounts up to 26%
Comcast launches NOW, low-cost and prepaid brand for data, TV, and WiFi hotspots
Comcast launches NOW, low-cost and prepaid brand for data, TV, and WiFi hotspots
Apple tipped to reduce display size of iPhone 17 Plus
Apple tipped to reduce display size of iPhone 17 Plus
Google Photos working on an option to hide your downloaded memes and other UI tweaks
Google Photos working on an option to hide your downloaded memes and other UI tweaks
Hurry up and snatch Amazon's jumbo-sized Fire Max 11 tablet at its biggest discount yet
Hurry up and snatch Amazon's jumbo-sized Fire Max 11 tablet at its biggest discount yet
Memes of the week: Crazy Pixel leaks, OnePlus feels the heat in India, and more!
Memes of the week: Crazy Pixel leaks, OnePlus feels the heat in India, and more!
FCC OKs Cingular\'s purchase of AT&T Wireless