- Aug 17, 2014
A threat actor known for striking targets in the Middle East has evolved its Android spyware yet again with enhanced capabilities that allow it to be stealthier and more persistent while passing off as seemingly innocuous app updates to stay under the radar.
The new variants have "incorporated new features into their malicious apps that make them more resilient to actions by users, who might try to remove them manually, and to security and web hosting companies that attempt to block access to, or shut down, their command-and-control server domains," Sophos threat researcher Pankaj Kohli said in a report published Tuesday.
"Spyware is a growing threat in an increasingly connected world," Kohli said. "The Android spyware linked to APT-C-23 has been around for at least four years, and attackers continue to develop it with new techniques that evade detection and removal."