Multi-part Android spyware lurked on Google Play Store for 4 years, posing as a bunch of legit-looking apps
A newly uncovered strain of Android spyware lurked on the Google Play Store disguised as cryptocurrency wallet Coinbase, among other things, for up to four years, according to a new report by Bitdefender.
The malware, named Mandrake by the threat intelligence agency, featured a three-part structure that allowed its operators to evade detection by routine Google scanning.
Beginning with an innocuous-looking dropper hosted on the Google Play store, masquerading as one of a number of legitimate apps, Mandrake allowed its Russian operators to snoop on virtually everything unsuspecting targets did on their mobile phone.
Source: Multi-part Android spyware lurked on Google Play Store for 4 years, posing as a bunch of legit-looking apps • The Register