Over 32,000 users have been impacted by the Mandrake Android spyware, which was embedded in five apps on the Google Play Store. The malware enabled attackers to gain full control of infected devices and exfiltrate personal data. It employed sophisticated evasion and obfuscation techniques, including hiding its malicious payload in native libraries and implementing a kill-switch to remove all traces of its presence. The apps remained undetected on the official marketplace for an extended period, which shows the significant threat and potential impact on users' privacy and security.
Source: https://securityaffairs.com/166342/mobile-2/mandrake-android-spyware-google-play.html
TPRM report: https://scoringcyber.rankiteo.com/company/google
"id": "goo001080524",
"linkid": "google",
"type": "Cyber Attack",
"date": "7/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '32,000',
'industry': 'Technology',
'location': 'Global',
'name': 'Google Play Store',
'type': 'App Marketplace'}],
'attack_vector': 'Malicious Apps',
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': '32,000',
'personally_identifiable_information': True,
'type_of_data_compromised': 'Personal Data'},
'impact': {'data_compromised': 'Personal Data',
'systems_affected': 'Android Devices'},
'initial_access_broker': {'entry_point': 'Malicious Apps'},
'motivation': 'Data Exfiltration',
'title': 'Mandrake Android Spyware',
'type': 'Spyware'}