A new malware campaign has been unearthed by security researchers at Kaspersky. In this campaign dubbed as “ViceLeaker”, attackers deploy a malicious payload in APK files pushed through messenger applications. According to the researchers, the payload is a spyware program created to extract all accessible information from infected devices. It is speculated that this ongoing campaign is targeted at Android users in the Middle East since the samples found were in Android devices of Israeli citizens.
New tools for distribution
Kaspersky researchers hint that the attackers behind the ViceLeaker campaign plan to come up with new tools to disseminate the payload.
“The operation of ViceLeaker is still ongoing, as is our research. The attackers have taken down their communication channels and are probably looking for ways to assemble their tools in a different manner,” wrote the researchers. It is also believed that ViceLeaker creators are part of a worldwide web-oriented attack campaign.