skip to Main Content

Cyber Espionage, Process Manager is a new spyware for Android

Process Manager is a new spyware for Android. Lab52 cybersecurity researchers: The App steals information from mobile devices and sends it to a server in Russia. It looks like Turla’s work, but there is no confirmation

Process Manager is a new spyware disguised as a legitimate app for Android. Lab52 cybersecurity researchers discovered this. The malware uses the same infrastructure as the Russian group Turla, although it is currently not associated with any APT. Once installed, the malicious payload pretends to be a component of the system and on first launch it asks the user to allow it to use up to 18 permissions such as access to an approximate location, access to a precise location, access to WiFi network, camera, Internet, audio settings, call log, contacts, external memory, SMS, sound recording and more. Once obtained, it removes its icon and runs in the background. The only thing that betrays it is a notification that it’s running. The information collected by the spyware is sent in JSON format to a command and control server located in Russia.

 

Back To Top