Arid Viper Camouflages Malware in Knockoff Dating App

  /     /     /  
Publicated : 23/11/2024   Category : security


Arid Viper Camouflages Malware in Knockoff Dating App


The APT group uses updates from the app to get the user to download the malware.



APT group Arid Viper targets Arabic-speaking Android users with a
spoof version
of a dating app to collect sensitive user information.
According to research by Cisco Talos, the group replicates a dating app named Skipped with a malicious version using a similar name, available for download in the
Google Play store
.
Once downloaded, the operators share malicious links, masquerading as updates in order to get the user to a tutorial video. A URL in the video’s description directs users to an attacker-controlled domain that serves the custom malware.
The YouTube account was created in March 2022 and has only uploaded one video, which had around 50 views at the time of publishing the
research
. The company determined all of the domains used by the attackers in this campaign are solely registered, operated, and controlled by Arid Viper, and they follow the same naming patterns observed in previous iterations of Arid Viper infrastructure.
The malware can also disable security notifications, collect users sensitive information, and deploy additional malicious applications on compromised devices. The researchers determined that the malware campaign has been active since at least April 2022.

Last News

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Arid Viper Camouflages Malware in Knockoff Dating App