New Android malware poses as antivirus from Russian intelligence agency

Newly identified Android malware created by Russia’s FSB impersonates security apps to target Russian business executives. It can exfiltrate data, activate device cameras and microphones, and evade detection through resilience features. #AndroidBackdoor916 #FSB #RussianCyberThreats

Key points

  • The malware disguises itself as antivirus tools like “GuardCB” and “SECURITY_FSB”.
  • It demands high-risk permissions such as access to location, SMS, media, camera, and microphone.
  • Once installed, it communicates with command and control servers to execute malicious commands.
  • The malware can exfiltrate sensitive data such as messages, contacts, and images.
  • It demonstrates resilience by switching among multiple hosting providers and mimicking legitimate security apps.

Read More: https://www.bleepingcomputer.com/news/security/new-android-malware-poses-as-antivirus-from-russian-intelligence-agency/