VAMP Description

The Two-Tailed Scorpion APT (Advanced Persistent Threat) is a hacking group that likely originates from the Middle East. Many speculate that the Two-Tailed Scorpion APT is working with the Hamas terrorist organization. Most of this APT's campaigns are concentrated in the Middle Eastern region. Its targets include high-ranking politicians in Israel, as well as Palestine. Despite mainly focusing on Israel and Palestine, the Two-Tailed Scorpion hacking group has had successful campaigns targeting Egypt and Jordan, among other countries.

The Espionage

The Two-Tailed Scorpion APT has been gaining popularity with one of its hacking tools, called VAMP. The VAMP Trojan is programmed to target Android devices, and experts have already spotted multiple campaigns employing this threat against universities, companies in the security industry, and government officials. The main goal of the VAMP Trojan is espionage. This threat is capable of silently collecting data such as photos, videos, text messages, social media chat logs, marked calendar events, etc.

The Infection Vector

It is likely that the Two-Tailed Scorpion hacking group has built a bogus application store hosting fraudulent applications that are infected with its malware. To avoid detection, most of the applications on this store are legitimate, since having all applications infected would raise too many red flags.

When the VAMP Trojan is on Your Device

If the user downloads one of the fake applications, the application will request multiple permissions covering a wide variety of the device’s features. After gaining persistence on the compromised device, the VAMP Trojan will connect to the APT’s C&C (Command & Control) server and begin recording audio calls, collecting documents, gathering contact information, and collecting text messages, then siphoning the data to the attackers’ server.
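
As an added example (not part of the original description, and not derived from a VAMP sample, whose manifest this page does not give): a Python check that maps the data types listed above to the standard Android permissions guarding them and flags a decoded AndroidManifest.xml that requests several of them together with network access. The permission mapping, the threshold of three categories, and the sample manifest with its package name are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Data types named in the description -> standard Android permissions guarding them.
# This mapping is an assumption for illustration, not taken from a VAMP sample.
CATEGORY_PERMS = {
    "audio recording": {"android.permission.RECORD_AUDIO"},
    "contacts": {"android.permission.READ_CONTACTS"},
    "text messages": {"android.permission.READ_SMS", "android.permission.RECEIVE_SMS"},
    "documents/photos/videos": {"android.permission.READ_EXTERNAL_STORAGE",
                                "android.permission.MANAGE_EXTERNAL_STORAGE"},
    "calendar events": {"android.permission.READ_CALENDAR"},
}
NETWORK = "android.permission.INTERNET"


def requested_permissions(manifest_xml):
    """Return the set of permission names declared in a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    tags = ("uses-permission", "uses-permission-sdk-23")
    return {el.get(ANDROID_NS + "name") for t in tags for el in root.iter(t)
            if el.get(ANDROID_NS + "name")}


def audit(manifest_xml, threshold=3):
    """Flag an app that can reach `threshold`+ data categories and the network."""
    perms = requested_permissions(manifest_xml)
    hits = sorted(c for c, p in CATEGORY_PERMS.items() if p & perms)
    return {"categories": hits,
            "network": NETWORK in perms,
            "flagged": NETWORK in perms and len(hits) >= threshold}


# Constructed sample manifest (hypothetical package, not a real indicator).
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.chatapp">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission-sdk-23 android:name="android.permission.READ_CALENDAR"/>
</manifest>"""

if __name__ == "__main__":
    print(audit(SAMPLE))
```

The check expects the text form of the manifest, such as the one apktool writes when decoding an APK; the binary manifest inside an APK has to be decoded first. A flagged result is a reason to look closer at the app, not a verdict, since legitimate messaging apps request similar combinations.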

The VAMP malware is one of the most preferred hacking tools of the Two-Tailed Scorpion APT, so it is likely that the group will not only continue to use it but may also introduce updates to it in the future. Make sure you download and install a reputable anti-virus software suite, which will keep your Android device safe from the claws (or the fangs) of the VAMP Trojan.