Social Networks Account Stealer Hidden in Android Gaming Hacking Tool

Authored by: Wenfeng Yu


The McAfee Mobile Research team recently discovered a new piece of malware that specifically steals Google, Facebook, Twitter, Telegram and PUBG game accounts. The malware hides in "DesiEsp", a game assistant tool for PUBG that is available on GitHub. Cyber criminals added their own malicious code to this open-source tool and published the repackaged version on Telegram. PUBG players are the main targets of this Android malware in all regions around the world, but most infections are reported from the United States, India, and Saudi Arabia.


What is an ESP hack?


ESP hacks (short for Extra-Sensory Perception) are a type of hack that displays player information such as HP (Health Points), name, rank, gun, etc. It is like a permanent tuned-up KDR/HP Vision. ESP hacks are not a single hack, but a whole category of hacks that function similarly and are often used together to make them more effective.


How can you be affected by this malware? 


Our investigation found that this malware was spread through PUBG-related channels on the Telegram platform. Fortunately, it has not been found on Google Play.


Figure 1. Re-packaged hacking tool distributed in Telegram

Main dropper behavior 


After it is launched, the malware asks the user to grant superuser permission:


Figure 2. Initial malware requesting root access.

If the user denies the superuser request, the malware warns that the application may not work:


Figure 3. Error message when root access is not provided

When it gai ..
