Summary: A new Android malware has been found embedded in trojanized versions of the Alpine Quest app, primarily targeting Russian soldiers for operational planning in conflict zones. Distributed through Telegram and Russian app catalogs, the malware exfiltrates sensitive data while disguising itself as a legitimate mapping application. Researchers from Doctor Web have identified this spyware as ‘Android.Spy.1292.origin’, highlighting ongoing intelligence-gathering tactics in the conflict.
Affected: Alpine Quest users, particularly Russian military personnel
Keypoints :
- The malware is distributed as a cracked version of the premium Alpine Quest Pro, a legit GPS mapping app.
- Once installed, it steals sensitive information like phone numbers, contacts, and location data.
- This incident reflects a broader trend of targeting military personnel through malicious applications in ongoing conflicts.