Popular on EntSun
- Female Motorsports Sponsorship & Expansion; Acquisition Agreement of UAE-Based Sports Incubator by Online Lottery & Sports Game Provider: Lottery.com - 229
- WOA Entertainment Group Unveils Independent No.1's: Breakthrough Artists II —A Celebration of Indie Excellence - 210
- Experience Trembling Firsthand with the New AgeMan® Tremor Simulator - 208
- Edtech Startup Young Commanders Launches 'Visionaries Without Sight' Collection Celebrating Blind and Visually Impaired Historical Figures - 201
- Let's Talk Series: At the Crossroads: Immigration Today - 150
- IRF Builders Forum Brings Global Leaders to Washington, D.C. to Advance Religious Freedom Through Cooperative Engagement - 146
- TEDxInglewood Returns to The Miracle Theater on August 9, 2025 — Celebrating Bold Ideas and Community Energy - 133
- Manhattan Boutique Real Estate Collaborates with InterContinental Hotels NYC in a Branding Partners Personalized Approach - 127
- Token-Operated Sake Service Opens at Tobu Nikko Station - 120
- JMC Princess Announces Release of Empowering New Single "PRETTY" – A Summer Anthem for Young Girls Everywhere - 118
Similar on EntSun
- $18 Price Target Issued in New Research Report After $34 Million Revenue Forecast from Acquisition; $101.5 Million Net Revenue in 2025; NAS DAQ: IQST
- West Dentistry Welcomes New Oral Surgeon to Enhance Patient Care
- Raidium révolutionne le diagnostic de la Sclérose en Plaques en partenariat avec l'Hôpital Fondation Adolphe de Rothschild
- New Podcast "Spreading the Good BUZZ" Hosted by Josh and Heidi Case Launches July 7th with Explosive Global Reach and a Mission to Transform Lives
- Digital Watchdog Launches New myDW Cloud Services
- Drone Light Shows Emerge as the New Standard in Live Event Entertainment
- Lore Link is Here to Help Organize Your Game
- AI Innovation Dual-Strategy Business Model Focused on Real Estate Development for Strategic Expansion: OFA Group, (N A S D A Q: OFAL)
- Retired Hobbyist Launches Bold Weekly Album Project Using AI Songwriting Tools
- Eolian Signs New Information Exchange Agreement with the U.S. Department of Defense for Technology Innovation
EclecticIQ and ThreatFabric investigation reveals evidence of malicious Android packages posing as legitimate Covid-19 contact tracing apps
EntSun News/10832067
Threat actors exploit consumer trust in legitimate government apps to plant malicious packages
AMSTERDAM - EntSun -- EclecticIQ, the global provider of cyber threat intelligence (CTI) technology solutions, has teamed up with fraud and cybercrime prevention experts at ThreatFabric to publish the findings of an investigation into instances of threat actors actively pushing malicious Android packages disguised as legitimate contact tracing applications.
Key analysis points by ThreatFabric and EclecticIQ reveal that:
The findings of the report suggest that threat actors will almost certainly continue to use commodity and open source-based malware disguised as legitimate contact tracing applications for financial gain. The low barrier to entry provided by these tools and the continued rollout of contact tracing applications by nations, presents continued financial opportunity for cybercriminals into the near future. Malicious actors have shown their willingness to exploit the current pandemic by targeting legitimate contact tracing applications consistently in recent months. Samples analyzed by EclecticIQ and ThreatFabric researchers had an earliest estimated build time of April 12th, 2020 with the latest being June 23rd, 2020.
More on EntSun News
Peter Ferguson, Cyber Threat Intelligence Specialist at EclecticIQ's Fusion Center commented:
"Users should never download contact tracing android applications from links sent to them or from third party stores. If they are interested in downloading their nation's contact tracing application, they should use the official site or the Google Play Store."
Gaetan van Diemen, General Manager at ThreatFabric commented:
"Threat actors have become very efficient in tricking users into downloading and installing a phenomenal variety of malicious apps on their mobile devices. To avoid fraud and brand or reputation damage, we strongly recommend app developers and online service providers to adapt their security strategy based on the factual evolution of the mobile threat landscape."
Additional Resources:
About EclecticIQ
EclecticIQ enables intelligence-powered cybersecurity for government organizations and commercial enterprises. We develop analyst-centric products and services that align our clients' cyber security focus with their threat reality. The result is intelligence-led security, improved detection and prevention, and cost-efficient security investments.
Our solutions are built specifically for analysts across all intelligence-led security practices such as threat investigation and threat hunting, as well as incident response efforts. We tightly integrate our solutions with our customers' IT security controls and systems. EclecticIQ operates globally with offices in Europe, the United Kingdom and North America, and via certified value-add partners.
More on EntSun News
Learn more at www.eclecticiq.com
About ThreatFabric
ThreatFabric helps financial institutions protect their online services, stop fraud and enhance customer experience. Powered by threat intelligence, ThreatFabric's solutions offer a holistic approach to risk detection and fraud prevention. MTI (Mobile Threat Intelligence) provides global visibility and context on the mobile banking threat landscape. It is the threat intelligence solution to use to protect personal data, customers and brand from financially motivated threat actors. It includes the strategic overview of threats and context as well as all relevant technical indicators. CSD (Client Side detection) provides the answer to the constantly-evolving fraud landscape and regulatory challenges. An omnichannel solution that empowers financial institutions to pro-actively detecting known and unknown threats to mitigate fraud and build trust across their online services.
Learn more at www.threatfabric.com
Key analysis points by ThreatFabric and EclecticIQ reveal that:
- Threat actors have been disguising Android packages as legitimate government-backed contact tracing applications for financial gain.
- There is evidence to suggest that actors have used repackaged commodity and open-source malware to lower the investment required in the observed campaigns.
- Third-party port forwarding, and secure tunneling services have probably been used to provide anonymization to command and control (C2) infrastructure.
- The Android packages were probably delivered through links pointing to phishing pages.
The findings of the report suggest that threat actors will almost certainly continue to use commodity and open source-based malware disguised as legitimate contact tracing applications for financial gain. The low barrier to entry provided by these tools and the continued rollout of contact tracing applications by nations, presents continued financial opportunity for cybercriminals into the near future. Malicious actors have shown their willingness to exploit the current pandemic by targeting legitimate contact tracing applications consistently in recent months. Samples analyzed by EclecticIQ and ThreatFabric researchers had an earliest estimated build time of April 12th, 2020 with the latest being June 23rd, 2020.
More on EntSun News
- Collision Course Concert Series Returns to Atlanta
- $18 Price Target Issued in New Research Report After $34 Million Revenue Forecast from Acquisition; $101.5 Million Net Revenue in 2025; NAS DAQ: IQST
- West Dentistry Welcomes New Oral Surgeon to Enhance Patient Care
- BayView Entertainment, Inc. Releases Multi Award-Winning Horror Film 'The Forest Through the Trees'
- Germantown Fashion & Arts Festival 2025 Draws Thousands, Celebrates Creativity in Historic Philly
Peter Ferguson, Cyber Threat Intelligence Specialist at EclecticIQ's Fusion Center commented:
"Users should never download contact tracing android applications from links sent to them or from third party stores. If they are interested in downloading their nation's contact tracing application, they should use the official site or the Google Play Store."
Gaetan van Diemen, General Manager at ThreatFabric commented:
"Threat actors have become very efficient in tricking users into downloading and installing a phenomenal variety of malicious apps on their mobile devices. To avoid fraud and brand or reputation damage, we strongly recommend app developers and online service providers to adapt their security strategy based on the factual evolution of the mobile threat landscape."
Additional Resources:
- Read full report here
About EclecticIQ
EclecticIQ enables intelligence-powered cybersecurity for government organizations and commercial enterprises. We develop analyst-centric products and services that align our clients' cyber security focus with their threat reality. The result is intelligence-led security, improved detection and prevention, and cost-efficient security investments.
Our solutions are built specifically for analysts across all intelligence-led security practices such as threat investigation and threat hunting, as well as incident response efforts. We tightly integrate our solutions with our customers' IT security controls and systems. EclecticIQ operates globally with offices in Europe, the United Kingdom and North America, and via certified value-add partners.
More on EntSun News
- The AML Shop Launches New Financial Investigations Unit, Appoints Director to Lead the Initiative
- Raidium révolutionne le diagnostic de la Sclérose en Plaques en partenariat avec l'Hôpital Fondation Adolphe de Rothschild
- New Media Film Festival Announces Winners
- New Podcast "Spreading the Good BUZZ" Hosted by Josh and Heidi Case Launches July 7th with Explosive Global Reach and a Mission to Transform Lives
- The Herbal Care, Led by Markel Bababekov, Becomes a Top Dispensary in NYC's Upper East Side
Learn more at www.eclecticiq.com
About ThreatFabric
ThreatFabric helps financial institutions protect their online services, stop fraud and enhance customer experience. Powered by threat intelligence, ThreatFabric's solutions offer a holistic approach to risk detection and fraud prevention. MTI (Mobile Threat Intelligence) provides global visibility and context on the mobile banking threat landscape. It is the threat intelligence solution to use to protect personal data, customers and brand from financially motivated threat actors. It includes the strategic overview of threats and context as well as all relevant technical indicators. CSD (Client Side detection) provides the answer to the constantly-evolving fraud landscape and regulatory challenges. An omnichannel solution that empowers financial institutions to pro-actively detecting known and unknown threats to mitigate fraud and build trust across their online services.
Learn more at www.threatfabric.com
Source: EclecticIQ
Filed Under: Technology
0 Comments
Latest on EntSun News
- Jekale (JK) Debuts R-B Single "Jungle" Inspired by Fashion, Storytelling, and Self-Discovery
- Favorite Wedding Décor Ideas to Inspire Your Big Day: From Vision to Venue
- Infinite Health Introduces Cutting-Edge Regenerative Medicine for Wound Care with Trip Goolsby, MD
- Riser Music's LYKN Adds India, Mexico & U.s. Dates To "unleashed" World Tour
- A Theatrical Experience Like No Other: "A Praying Mama, A Rebellious Son" Comes August 30
- Prolific Hollywood Actor Phillip E. Walker-MFA is Experiencing His Best Year of Employment Ever
- Top Dentist Concord CA, Smile Makers Dental Care, Celebrates 500 5-Star Reviews
- Bio-Inspired Technology-Dynamic and Adaptable for unknown real-world environments
- ALIVE and KICKING: LAUGHTER NEVER GETS OLD has its World Premiere July 11-20 in St. Charles, IL
- Michael Reafsnyder opens solo exhibition at Scott Richards Contemporary Art in San Francisco
- Valley Sleep Therapy Expands to Prescott with New Location at Crossings Road
- Live Courageously Hosts Ann-Marie Murrell, Author, Journalist, Former Political Commentator
- $17.4 Million Total Revenue for First Half of 2025 (up 31.8% YOY) for Global Wet Trades Services Provider with High Value Bitcoin Investments
- $12.8 Million Net Revenue for 2024 for Cloud-Based Crowdsourcing Recruitment and SaaS-Enabled HR Solutions Provider: Baiya International Group Inc
- YYNOT Brings High-Energy RUSH Tribute to the Weinberg Center this September
- Hire Virtue Announces Executive Sponsorship Opportunity for Houston Hiring Blitz & Job Fair on August 6, 2025
- Inked & Maxim Model Teisha Mechetti Turns Heads—And Builds Community Impact
- Plan to Launch Silo Technologies' Cybersecurity Pilot Program for Ultimate Nationwide Deployment via Exclusive Partnership: Stock Symbol: BULT
- Climaxe Throwing Celebrates 3-Year Anniversary with Grand Re-Opening Under New Ownership
- Robert Michael & Co. Real Estate Team Celebrates Industry Recognition and Showcases Premier Central Florida Listings