Attackers develop BugDrop malware to bypass Android security features

Researchers have uncovered an Android trojan called BugDrop. The dropper app designed to defeat new features in the upcoming Android version that aims to make it more difficult for malware to request Accessibility Services privileges from victims.

ThreatFabric researchers attributed the dropper to a cybercriminal group called “Hadoken Security.’ The gang is also behind the development and spread of the Xenomorph and Gymdrop Android malware families.

BugDrop masquerades as a QR code reader app to spread malicious payloads through a session-based installation process, tactically circumventing Google’s blocking of API access to apps.

“What is likely happening is that actors are using an already built malware, capable of installing new APKs on an infected device to test a session-based installation method, which would then later be incorporated in a more elaborate and refined dropper,” the researchers said.

Users are advised to avoid malware hidden in official app stores by downloading only apps from known developers and publishers, scrutinizing app reviews and checking their privacy policies.

The sources for this piece include an article in TheHackerNews.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web