Source-Forbes-
Despite the recent detente with America and South Korea, North Korea continues to launch cyberattacks across the globe. And in recent months, attempts were made by a mysterious hacker crew called the Sun Team to infiltrate the Android phones of North Korean defectors via phishing attempts on Facebook and malware hosted on Google Play, according to research from McAfee. It appears to be the first example of North Korean hackers breaking through the security on Google’s market and a sign of increasing sophistication by the nation-state’s hackers.
The Sun Team infiltrated Google Play with three different spy tools in January. All masqueraded as something they were not, while pilfering private data from infected phones. Two were supposed security applications—Fast AppLock and AppLockFree. The other was, bizarrely, related to food ingredients. All were posted on Facebook groups associated with defectors between January and March by a fake profile set up by the Sun Team or delivered via private messages on the social network, the cybersecurity firm said. KakaoTalk, a popular chat application in South Korea, was also used to send targets links to the malware.
All rogue Android apps have now been removed from the Google Play market, after they bypassed the tech giant’s protections on its official Android app store. They remained live on Google’s platform for two months, amassing only 100 or so downloads, though given the apparently targeted nature of the attacks, this could be deemed a successful campaign by the attackers. Google hadn't responded to a request for comment at the time of publication. Read more
Comments