Thu, 06/18/2020 - 00:31 By jeffery_v2



Malicious functionality in these trojanized contact-tracing applications includes:

  • Full access to SMS data and activity
  • Injection and visibility into other applications (ex: banking applications and password vaults)
  • Keylogging
  • Voice, Screen, and Camera recording and exfiltration
  • Access to critical device information and system details”

“These types of malicious apps have been observed in official app stores/distribution channels, as well as ‘less-than-official’ app stores. “

“We encourage all users to be extra critical of what apps they install, and where they are installing from. “

"Criminals have increased the use of weaponized medical leave forms, PTO requests and resume/CV forms and templates in an effort to further spread malware.

"Weaponized forms are spread via email, primarily as Word documents, however we have observed alternate file formats as well