Beware: Android Dropper-as-a-Service Evades Google's Defenses

November 6, 2023 at 02:09 PM

•

1 min read

Beware: Android Dropper-as-a-Service Evades Google's Defenses — Photo: The Hacker News

TL;DR Summary

SecuriDropper, a new dropper-as-a-service (DaaS) for Android, has been discovered by cybersecurity researchers. This malware bypasses Google's new security restrictions and delivers the payload. SecuriDropper disguises itself as harmless apps and uses a different Android API to install the payload, mimicking the process used by marketplaces. It bypasses Google's Restricted Settings by requesting permissions to read and write data to external storage, as well as install and delete packages. Android banking trojans like SpyNote and ERMAC have been distributed via SecuriDropper on deceptive websites and third-party platforms. Another similar dropper service called Zombinder has also been observed offering a Restricted Settings bypass.

Topics:top-news #android #cybersecurity #dropper-as-a-service #google #malware #mobile-security-malware

Share this article

SecuriDropper: New Android Dropper-as-a-Service Bypasses Google's Defenses The Hacker News
Cybercrime service bypasses Android security to install malware BleepingComputer
New Android malware dropper sneaks past Google — protect yourself now Tom's Guide
Why users should avoid downloading APK files on Android devices The Hindu

Reading Insights

Total Reads

Unique Readers

Time Saved

2 min

vs 3 min read

Condensed

80%

521 → 102 words

Want the full story? Read the original article

Read on The Hacker News

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights