COMPANY NEWS: After loaning money, criminals behind MoneyMonger blackmail victims with personal information stolen from their device.
Zimperium, the only mobile security platform purpose-built for enterprise environments, has revealed details of a newly discovered Android malware campaign hidden in money lending apps developed with Flutter, a software development kit used to create applications that work across multiple platforms, including Android and iOS.
The Zimperium zLabs team discovered this threat, dubbed MoneyMonger, which uses personal information stolen from a device to blackmail victims into paying more than the terms that their predatory loans required. This code is part of a larger predatory loan malware campaign previously discovered by K7 Security Labs.
MoneyMonger takes advantage of Flutter’s framework to obfuscate malicious features and complicate the detection of malicious activity by static analysis. Due to the nature of Flutter, the malicious code and activity now hide behind a framework outside the static analysis capabilities of legacy mobile security products.
|
|
The MoneyMonger malware is distributed solely through third-party app stores or is sideloaded onto the victim’s device through phishing messages, compromised websites, social media campaigns or other tactics. It has not been found in any Android app stores.
Active since May 2022, this novel malware uses multiple layers of social engineering to take advantage of its…
