
Exodus Malware

By GoldSparrow in Malware

The Exodus Malware is a threat that attacks Android devices and has been in development for several years. It was distributed by applications posing as service applications from mobile operators located in Italy. The Exodus Malware is present in almost 25 applications that users can download from Google Play, and it can also be acquired from applications downloaded from phishing websites. According to the researchers who studied the Exodus Malware, it is a highly precise phone surveillance operation that can collect data from devices running the Android and iOS operating systems. The researchers also discovered that the Exodus Malware had already been able to infect "several hundred if not a thousand or more" phones.

The Exodus Malware infection has three phases. In the first phase, a small dropper gathers standard information that identifies the device, including the phone number and IMEI, and sends it to its Command and Control server. The second phase comes just after the device's infection and consists of various binary packages that extend the surveillance capabilities. The third phase attempts to obtain root control of the device by using an exploit named DirtyCOW. Once the three phases are complete, the Exodus Malware starts its surveillance task, which encompasses multiple actions that can cause countless problems for the device's owner. Users of Android and other brands should be extra attentive to signs of a malware intrusion and, in case of infection, take urgent measures to eradicate it.

