Save up to $1,100 on Galaxy S24 Ultra!
Amazon Black Friday is here
The Amazon Black Friday deals are here early, enjoy the best discounts of the year now.
00 days
00 hrs
00 mins

McAfee: Apps from the Google Play Store were used to track defectors from North Korea

By
13comments
Google News Follow
Follow us on Google News
Android Apps Google
McAfee: Apps from the Google Play Store were used to track defectors from North Korea
Researchers at security software firm McAfee have discovered that a North Korean hacking squad has installed a trio of malware-laden apps in the Google Play Store. The targets are defectors who left North Korea for South Korea. Once the malware is downloaded and installed, it copies contacts, photos and text messages from the victim's device, and sends them to the hackers in North Korea. The three infected apps include one that deals with food ingredients and is aptly named Food Ingredients Info. The remaining two apps are security related and are named Fast AppLock and AppLockFree.

The "Sun Team" contacts its targets through Facebook, trying to get them to open the infected "unreleased" apps. Once a phone or tablet is infected, it receives commands and uploads data through Dropbox and Russia's Yandex.

McAfee sees similarities between the recent malware attacks and one it discovered in January. A North Korean hacking group called "Sun Team" is said to be responsible for both attacks. Information logs discovered by McAfee from Dropbox and Yandex related to the new attack, came from the same test devices used by the Sun Team in the earlier campaign. In addition, the email addresses used by the developer of the new infected apps are the same ones associated with the North Korean squad.

"Our findings indicate that the Sun Team is still actively trying to implant spyware on Korean victims’ devices. (The number of North Korean defectors who came to South Korea exceeded 30,000 in 2016, according to Radio Free Asia.) Once the malware is installed, it copies sensitive information including personal photos, contacts, and SMS messages and sends them to the threat actors. We have seen no public reports of infections. We identified these malwares at an early stage; the number of infections is quite low compared with previous campaigns, about 100 infections from Google Play."-McAfee

Recommended Stories
McAfee informed Google about the infected apps, which have since been removed from the Play Store. The security firm also informed the Korea Internet & Security Agency. 

source: McAfee
https://m-cdn.phonearena.com/images/users/39-200/Alan-F.jpg
Alan Friedman Mobile Tech News Journalist
Alan, an ardent smartphone enthusiast and a veteran writer at PhoneArena since 2009, has witnessed and chronicled the transformative years of mobile technology. Owning iconic phones from the original iPhone to the iPhone 15 Pro Max, he has seen smartphones evolve into a global phenomenon. Beyond smartphones, Alan has covered the emergence of tablets, smartwatches, and smart speakers.

Recommended Stories

Loading Comments...

Popular stories

T-Mobile introduces welcome change for iPhone users
T-Mobile introduces welcome change for iPhone users
Time has come to say goodbye to T-Mobile app after 12 years
Time has come to say goodbye to T-Mobile app after 12 years
AT&T wants to shut down a network with only 52 users (UPDATE: AT&T responds)
AT&T wants to shut down a network with only 52 users (UPDATE: AT&T responds)
People are hearing voices coming from their iPhone
People are hearing voices coming from their iPhone
This better not be happening: YouTube Premium users are seeing ads
This better not be happening: YouTube Premium users are seeing ads
Best Buy is now selling the 512GB OnePlus 12 flagship at its killer Black Friday price
Best Buy is now selling the 512GB OnePlus 12 flagship at its killer Black Friday price

Latest News

Amazon slashes the 512GB Galaxy S24 Ultra by $350 for Black Friday, making it a can't-miss offer
Amazon slashes the 512GB Galaxy S24 Ultra by $350 for Black Friday, making it a can't-miss offer
Surprise Amazon Black Friday deal slashes more than $250 off the cheapest Pixel 9 model
Surprise Amazon Black Friday deal slashes more than $250 off the cheapest Pixel 9 model
Sizzling hot Black Friday 2024 deal makes Apple's 2022 iPad cheaper than ever before
Sizzling hot Black Friday 2024 deal makes Apple's 2022 iPad cheaper than ever before
Oppo Find X8 Series goes global with new Hasselblad camera system, ColorOS 15
Oppo Find X8 Series goes global with new Hasselblad camera system, ColorOS 15
T-Mobile proves its mettle against Verizon and AT&T by doing for customers what rivals were unable to
T-Mobile proves its mettle against Verizon and AT&T by doing for customers what rivals were unable to
Apple releases iPhone and iPad security updates you should install ASAP
Apple releases iPhone and iPad security updates you should install ASAP
FCC OKs Cingular\'s purchase of AT&T Wireless