Supply Chain Attack Infiltrates Android Apps with Malicious SDK | Threat Intelligence | CloudSEK
Tags
cmtmf-attack-pattern: Masquerading
attack-pattern: Data Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 Masquerading - T1036 Masquerading
Show in Graph
Common Information
Type Value
UUID 4bf61c99-e1dc-4d62-ae65-326dc27dee16
Fingerprint c5b099959c33a54b
Analysis status DONE
Considered CTI value 0
Text language
Published June 2, 2023, midnight
Added to db Nov. 19, 2023, 5:58 a.m.
Last updated Nov. 17, 2024, 5:57 p.m.
Headline Supply Chain Attack Infiltrates Android Apps with Malicious SDK
Title Supply Chain Attack Infiltrates Android Apps with Malicious SDK | Threat Intelligence | CloudSEK
Detected Hints/Tags/Attributes 37/2/7
Source URLs
Redirection Url
Details Source https://www.cloudsek.com/threatintelligence/supply-chain-attack-infiltrates-android-apps-with-malicious-sdk
URL Provider
Details Provider Source level domain
Details cloudsek.com www.cloudsek.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 89 CloudSEK Threat Intelligence https://cloudsek.com/threatintelligence/rss.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 2 
d3hdbjtb1686tn.cloudfront.net
Details Domain 21 
news.drweb.com
Details File 7 
spy.spi
Details File 2 
gpsdk.html
Details Url 1 
https://d3hdbjtb1686tn.cloudfront.net/gpsdk.html
Details Url 1 
https://news.drweb.com/show/?i=14705&lng=en
Details Url 2 
https://www.bleepingcomputer.com/news/security/android-apps-with-spyware-installed-421-million-times-from-google-play