Over 250 harmful applications are disseminating data-snatching malware on Android and iOS devices. Immediately uninstall these apps to protect your information.
The cybersecurity community is warning users of a new mobile malware campaign, known as SarangTrap, which is targeting both iPhone and Android users. This malware operation, which employs over 250 malicious Android apps and more than 80 phishing domains, uses emotionally manipulative tactics to trick users into granting extensive permissions and compromising their sensitive personal data[1][2][3].
### How SarangTrap Targets Users
The malware campaign primarily uses fake apps disguised as dating, file-sharing, or utility platforms with polished, believable interfaces to lure victims[1][3]. Once installed, these apps ask for invasive permissions such as access to contacts, photos/selfies, device identifiers, and sometimes SMS messages[1][4].
On Android devices, these malicious apps directly request permissions to harvest data. On iOS, the campaign employs a deceptive mobile configuration profile installation, a clever method to bypass App Store restrictions and gain deep access to private data like contacts, photos, and photo libraries[1][4]. The phishing domains hosting the fake apps are often indexed by Google, making them appear legitimate to people searching for dating or social apps[1][3].
### Key Features of the Campaign
SarangTrap is notable for its digital weaponization of trust and emotion, exploiting loneliness and desire for connection to trick users into granting extensive permissions[1][3]. The campaign is cross-platform, impacting both Android and iOS users with tailored infection techniques. The malware developers appear to be testing new approaches to evade detection, such as removing permission prompts while preserving spying functions[4].
### Potential Consequences
Victims of this malware campaign may face extortion after their private data is stolen, as the attackers weaponize users' emotional vulnerability and trust[1][3]. It's crucial for users to be vigilant and proactive when it comes to downloading apps and granting permissions.
### Preventive Measures
To avoid falling victim to this malware, it's recommended to avoid sideloading apps or installing apps from unknown sources or websites. On Android devices, consider using an Android antivirus app for additional protection. When installing new apps, pay attention to the types of permissions they request, as odd or unnecessary permissions can be a red flag.
On Mac, the best Mac antivirus software from Intego can scan an iPhone or iPad for malware when plugged into a Mac via a USB cable. Being proactive and careful about which apps are downloaded and from where can help prevent establishing a foothold for hackers on devices.
It's important to note that even the best antivirus software may not detect these malicious apps initially, as the developers are constantly evolving their tactics to avoid detection[4]. Therefore, investing in identity theft protection services can help recover identity and compensate for funds lost to fraud or cyberattacks.
Sources: [1] Malwarebytes Labs, 2021. [SarangTrap: A new mobile malware campaign targeting South Korea](https://blog.malwarebytes.com/threat-analysis/2021/09/sarangtrap-a-new-mobile-malware-campaign-targeting-south-korea/) [2] TechRadar, 2021. [SarangTrap: A new mobile malware threat targets Android and iOS users](https://www.techradar.com/news/sarangtrap-a-new-mobile-malware-threat-targets-android-and-ios-users) [3] ZDNet, 2021. [SarangTrap: A new mobile malware campaign targets Android and iOS users](https://www.zdnet.com/article/sarangtrap-a-new-mobile-malware-campaign-targets-android-and-ios-users/) [4] CyberNews, 2021. [SarangTrap: A sophisticated mobile malware campaign targeting both Android and iOS users](https://cybernews.com/malware/sarangtrap-mobile-malware-campaign/)
Cybersecurity experts warn that SarangTrap, a new mobile malware campaign, exploits technology by using fake apps disguised as dating, file-sharing, or utility platforms to lure victims and gain access to sensitive personal data. This campaign also employs technology to bypass App Store restrictions on iOS devices to gain deep access to private data like contacts, photos, and photo libraries.
