
    New Guerrilla Malware infects over 90 lakh Android devices: here is how to stay safe and protect your phone

     


    If you are an Android user, you might want to be extra careful about what apps you install and what messages you receive. A new Android malware called Guerrilla has been discovered that has infected millions of devices around the world. The malware steals personal information from users, including their passwords, credit card numbers, and other sensitive data. Guerrilla can access and steal data from any app on the user’s device.


    What is Guerrilla and how does it work?

    Guerrilla is malware that comes pre-installed on various Android devices, including phones, watches, TVs, and TV boxes. It is part of a large and sophisticated cybercrime operation run by a group called Lemon Group. The group has been operating for several years and has allegedly infected around 8.9 million (89 lakh) devices from over 50 smartphone makers with Guerrilla malware over the past 5 years.


    The malware is activated by a modified system library that decrypts and executes malicious code in memory. That code then loads a main plugin called Sloth, which communicates with the Lemon Group’s servers and receives commands and configuration data.


    The malware can perform various malicious activities such as:


    Loading additional payloads from the Lemon Group’s servers

    Intercepting one-time passwords (OTPs) from SMS messages and sending them to the attackers

    Setting up a reverse proxy from the infected device to allow the attackers to access any website or service through it

    Hijacking WhatsApp sessions and stealing chat history and contacts

    Displaying unwanted ads and generating click fraud revenue for the attackers

    Which countries and devices are affected?

    Infected devices are spread worldwide, and the threat actor controls devices in over 180 countries. The top 10 countries most affected are the US, Mexico, Indonesia, Thailand, Russia, South Africa, India, Angola, Philippines, and Argentina.


    The malware targets various Android device vendors, especially low-cost Chinese brands that sell their products globally. Some of the vendors identified by Trend Micro are:


    Alcatel, BLU, Cherry Mobile, Coolpad, Doogee, Gionee, Hisense, Huawei, Infinix, Lenovo, LG, Meizu, Micromax, Motorola, Nokia, Oppo, Samsung, Tecno, Vivo, Xiaomi, ZTE

    How to stay safe and protect your phone?

    The best way to avoid getting infected by Guerrilla is to buy your Android device from a reputable source and avoid installing apps from unknown or untrusted sources. You should also keep your device updated with the latest security patches and use a reliable antivirus app to scan your device regularly.


    If you suspect that your device might be infected by Guerrilla, you should back up your important data and perform a factory reset to wipe out the malware. You should also change the passwords for your online accounts and monitor your credit card statements for any suspicious transactions.


    Guerrilla is a serious threat that can compromise your privacy and security. You should be vigilant and cautious when using your Android device and report any suspicious activity to your service provider or local authorities.
