ViceLeaker

Cybersecurity experts have spotted a new Android malware called ViceLeaker recently. Most Android malware is programmed to target as many victims as possible. However, it appears that this is not the case with the ViceLeaker malware. The authors of this threat have concentrated their efforts in one specific region – the Middle East, namely Israel. It is safe to say that this is an espionage campaign launched against Israeli citizens by an unknown party.

In the summer of 2018, a threat that closely resembles the ViceLeaker had popped up. It was called Triout and operated in a very similar manner to the ViceLeaker malware. However, the victims of the Triout malware were not targeted specifically, which is the biggest difference between the Triout and the ViceLeaker malware.

The ViceLeaker malware has a very impressive list of capabilities. This threat is able to record sound using the microphone of the device (up to 80 seconds) and take pictures with both the front and back camera. It is also capable of accessing the text messages, call logs, and can even send text messages out. The ViceLeaker can download files via a URL and upload files to the infiltrated Android device. Furthermore, the attackers will have access to the memory card and the browser history of the victim. The ViceLeaker malware would provide its creators with a full list of all the applications installed on the Android device.

Apart from all the data that the ViceLeaker malware is capable of siphoning to the attackers’ server, it also can serve as a backdoor through which the cybercriminals can plant more malware on the corrupted device.

Android users worldwide need to be very wary when downloading new applications. Even the ones in the Google Play Store may not be trustworthy as cyber crooks work tirelessly to manage to bypass the safety checks that various application stores apply.