After a major malware was found targetting Indian users earlier this year, researchers at cybersecurity firm Kaspersky have recently discovered two new Android malware that can cause similar system modifications, install rogue apps and hack into users social media accounts. Since the malware is fairly new, accounts of only 1K users have been compromised. However, Igor Golovin, a researcher from Kaspersky, specified that the number has been increasing rapidly.
Kaspersky researchers claimed that when the two malware are combined, they can be used to steal cookies collected by social networking apps or in the browser. While both malware are new, they are similar to the Shopper malware which impacted Indian users earlier this year.
Cookies are small files that internet services use to track a particular user and their logged-in state. The cookies are used to personalise a user’s experience, but as harmless as they may seem, they contain information that can be used to identify users. With the malware, hackers can easily access cookies that are related to users’ social media accounts. The cybersecurity firm suggests that users should block third-party cookie access on their phone’s web browser and allow phones to only collect cookies when the users in browsing.
In January 2020, researchers from Kaspersky also revealed the existence of a Trojan malware application called Shopper, which was used to boost shopping app ratings, spread ads and install apps without the consent of the users. The firm specified that the malware affected 14.23% Indian users and ways to spread misinformation on social media channels and other platforms.
Golovin explained that once the malware app receives permission from the users to access the services, it instantly interacts with the system UI component to read interactions such as pressing the home button, gestures etc. The app also sent the collected information to hackers, who can then send commands to the phone and execute tasks. The command can also prompt the affected devices to use social media accounts such as Facebook or Google to register on ecommerce or video streaming services. It targetted apps such as Jabong, MakeMyTrip, Dailyhunt, Hotstar, AliExpress, Lazada, Shein, Alibaba, Joom, Zalora and Likee.
Besides this, the app also leaves reviews on Google Play on behalf of users and creates shortcuts to advertised websites on the phone.
As per Data Security Council of India (DSCI), India has been the second most cyberattacks affected country between 2016 to 2018. Another report, ‘Cost of a Data Breach’ by Michigan-based Ponemon Institute and IBM Security revealed that in the past six years, the average cost of the data breach has been growing at a rate of 12% and it is costing companies around $3.92 Mn, globally.