Targeted attack cyber spy group Transparent Tribe has added a new malware for Android to its arsenal. Operators distribute it under the guise of an adult content app or COVID-19 tracking software.
A sample of Android malware was discovered by Kaspersky Lab specialists. Experts believe that we can talk about the expansion of the capabilities and scope of the Transparent Tribe - now the group has switched to mobile users.
Two applications appear in the attacks of cybercriminals, the first of which is a video player showing erotic videos, and the second Aarogya Setu program allegedly monitors the spread of COVID-19.
In fact, this software is trying to install the AhMyth malware, which allows an attacker to remotely access the victim's device. This particular sample, according to Kaspersky Lab experts, has more advanced functions.
If the malware settles in the system, an attacker can use it to read SMS messages, manage files, take screenshots, listen to conversations, and view call history.
It was reported last week that the Transparent Tribe has launched a campaign against military and government officials around the world.
