The FastFire malware is disguised as a Google security plugin, the FastViewer malware disguises itself as “Hancom Office Viewer”, and FastSpy is a remote access tool based on AndroSpy.
By analyzing the APKs, we found a significant association with past campaigns attributed to the Kimsuky group.
We named the malicious APKs FastFire, FastViewer, and FastSpy by combining ‘Fast’, which is included in the package name, with the characteristics of each.
S2W’s threat research and intelligence center, Talon, recently identified three new types of malware that target Android devices.
Executive Summary