Kaspersky researchers have been observing the Transparent Tribe, an APT group that has been active since 2013. Kaspersky found that the organization has been utilizing a new mobile malware tool that targets Android devices in its cyber-espionage campaigns. The campaign is largely focusing on victims in India, as the spyware is disguised as apps popular within the country. Once installed, the sophisticated malware can download new apps, access text messages, call logs, and take over the device’s microphone.
The Andriod spyware also tracks the device’s locations and is able to upload files from the device to a remote server that is controlled by the threat actors. Kaspersky found that the operators are also likely dropping the Android spyware tool in specific websites, using social engineering to lure users into clicking on it and accidentally installing it.
Read More: ‘Transparent Tribe’ APT Group Deploys New Android Spyware for Cyber Espionage