
Mandrake

Posted: April 3, 2020

Cybersecurity experts have uncovered a new cybercrime campaign that seems to be focused on Australian Android users at the moment. The new spyware toolkit, dubbed Mandrake, appears to be a very advanced hacking tool that has been in use since 2016 – during the past four years, it has been updated on a regular basis. Its authors have added new features, removed outdated ones, and modified the program regularly to ensure that it will allow them to continue to carry out harmful operations on the infected Android devices.

The Mandrake Spyware is Used in Targeted Attacks

The Mandrake campaign is executed on a relatively small scale. Although the threat may be able to reach tens of thousands of devices, researchers have identified just 500 active copies of the spyware. This may be because Mandrake is only deployed on devices that the attackers are interested in; it is possible that the authors of this threat only launch a fully-fledged attack after monitoring their targets for an extended period.

Once Mandrake is up and running, it enables the attackers to perform operations on the infected Android device. Their ultimate goal appears to be to collect information from the victim: bank account and payment details, login credentials, contacts, conversations, images, etc. It is possible that the group behind the Mandrake spyware specializes in blackmail, but financial fraud is another activity that they are likely to engage in.

It seems that the operators of Mandrake take an individual approach towards each one of their victims, which is yet another clue that they spend a lot of time monitoring their victims before taking any action. An attack of such sophistication is unlikely to be executed by a lone wolf, and it is safe to assume that the Mandrake spyware is being operated by a highly skilled group of cybercriminals who have a lot of experience in the field.

There is not enough information to determine the infection vectors the Mandrake authors use – they may rely on phishing messages spread via email, social media or text messages. We advise users to protect their Android devices with the help of a trustworthy mobile security application.
