Hackers Take advantage of Android Smartphone Security Flaw to Target Activists

Suspected nation-backed hackers have intensified their attempts to break into the web debts of Iranian rights activists in recent weeks with the aid of exploiting Safety vulnerabilities in Android smartphones, the Worldwide Campaign for Human Rights in Iran has found out.

On August eleven, 2016, an unknown person sent a message on Fb to a prominent Iranian political activist living in Paris and delivered himself as a former student. The hacker said he had created political stickers with the activist’s picture on them. He then sent a file, with an APK suffix, to the activist claiming that the file contained the stickers.

Soon after the activist opened what turned into a malware report, the hacker took over the sufferer’s Facebook page and sent comparable messages to the activist’s friends. Several of them worked at Radio Farda, Deutsche Welle, and the BBC. One of the sufferer’s friends fell for the entice and lost his Gmail account for several hours.

Documents with the APK suffix are applications that can be set up on smartphones with Android running systems. Customers have to most effective open those Files after downloading them from legitimate sources, together with Google Play. Unlike Apple’s iOS operating gadget, Android apps may be independently advanced and installed, providing an opportunity for hackers to prey on unsuspecting Customers and undercover agents on them.

Read More Articles :

The report that changed into used to hack into the Paris-primarily based activist’s account turned into created with the aid of DroidJack, an Android “Far-flung Management Tool” that allows hackers to build trojan packages designed to breach the security of a pc machine even as ostensibly performing another characteristic.

Investigations utilizing the Campaign show that Trojan malware was created via hacker’s advantage. There is far-flung access to a wide range of content on Android smartphones, including messages, images, audio Documents, apps, GPS locators, and contact lists. The hackers can reveal conversations and operations at the device without the proprietor’s know-how and make Cellphone calls and send messages.

Formerly the Marketing campaign had discovered that hackers were tricking victims into downloading false IMO chat application installers to benefit get admission to their money owed. These malware Files have been created using Metasploit, an Android penetration checking out software. Hackers have also sent messages on Fb to Iranian newshounds residing abroad and asked them to click on fake links on Google Power to “obtain critical pressing information.”