Doctor Web researchers identified Android.Backdoor.916.origin, a multifunctional backdoor that targets Russian business representatives and is capable of surveillance and data theft. The malware disguises itself as a fake antivirus app called "GuardCB" and abuses device permissions to maintain stealthy control.
Key points
- The malware is primarily aimed at Russian users and targets business personnel.
- It is distributed via private messages containing a fake antivirus app named "GuardCB".
- The malicious app requests dangerous permissions, enabling extensive device control.
- It can steal data such as SMS, contacts, call logs, media, and even stream audio/video.
- Android.Backdoor.916.origin can connect to multiple control servers and adapt to various hosting providers.