Open-Source Spyware Spreading Via Google Play Store App to Send SMS, Steal Contacts, Files & Credentials


Researchers discovered that AhMyth, an open-source spyware, is associated with a Google Play Store app called RB Music, which intrudes on Android users' devices to steal various sensitive information.


RB Music, also known as Radio Balouch, is a malicious streaming-radio Android app that appeared in the Google Play Store. It borrowed malicious features and functionality from AhMyth to infect Android users widely.


Radio Balouch appeared in the Play Store (Source: ESET)

AhMyth is an open-source espionage tool developed to infect Android devices through Android apps that are implanted on the targeted devices and open a backdoor to spy on the victim's activities and steal data.


A desktop application based on the Electron framework acts as the command-and-control server, which the attackers operate to send further commands and obtain the information.


Several apps have used the AhMyth spyware since 2017, but Radio Balouch is the first app that officially appeared in the Google Play Store.


AhMyth is advertised for sale on Chinese- and English-speaking underground forums that focus more on Android devices.


Lukas Stefanko, an ESET researcher, said in a blog post, “besides Google Play, the malware, detected by ESET as Android/Spy.Agent.AOX has been available on alternative app stores. Additionally, it has been promoted on a dedicated website, via Instagram, and YouTube.”



The Radio Balouch streaming radio app initially appeared on July 2nd, 2019, and the app was eventually removed from the App Store within 24 hours, but it still maintains its existence in the 3rd party app store.
