Security researchers have found a new malware strain called Goontact which has been found targeting Android and iOs.
This spyware grabs contacts, SMS messages, photos, and location information from victims. Goontact was first detected by mobile security firm Lookout.
As of now, this spyware has been contained within Chinese-speaking countries like China, Korea, and Japan, reports suggest.
Goontact's Modus Operandi
Lookout has assessed that it is managed by Chinese-speaking threat actors, based on the language used for admin panels of the servers. The data that is obtained from these spyware apps is then sent back to online servers under the Goontact operators' control.
The malware of Goontact is distributed via third-party apps, reports said, which largely promote free instant messaging apps dedicated to reaching escort services.
"In reality, the targets are communicating with Goontact operators. Targets are convinced to install (or sideload) a mobile application on some pretext, such as audio or video problems. The mobile applications in question appears to have no real user functionality, except to steal the victim’s address book, which is then used by the attacker ultimately to extort the target for monetary gain," Lookout said in a blogpost.
While Goontact has not made its way into the App Store or Google Play Store yet, users could be downloading and side-loading Goontact-infected applications.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
