![]() Furthermore, HeXaGoN Dev posed as a potential buyer in a bid to attract more customers. Noting that Triangulum had previously purchased several malware products offered by HeXaGoN Dev, Check Point said Triangulum advertised his products on different darknet forums with well-designed infographics listing the full features of the RAT. Piecing together Triangulum's trail of activities, the cybersecurity firm said the malware developer - aside from drumming up publicity for the RAT - also looked for potential investors and partners in September 2017 to show off the tool's features before offering the malware for sale. An Active Underground Market for Mobile Malware "The product was a mobile RAT, targeting Android devices and capable of exfiltration of sensitive data from a C&C server, destroying local data – even deleting the entire OS, at times," the researchers said. The vendor, who goes by the name of " Triangulum" in a number of darknet forums, is alleged to be a 25-year-old man of Indian origin, with the individual opening up shop to sell the malware three years ago on June 10, 2017, according to an analysis published by Check Point Research today. Cybersecurity researchers have exposed the operations of an Android malware vendor who teamed up with a second threat actor to market and sell a remote access Trojan (RAT) capable of device takeover and exfiltration of photos, locations, contacts, and messages from popular apps such as Facebook, Instagram, WhatsApp, Skype, Telegram, Kik, Line, and Google Messages. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |