Android malware Mandrake is a powerful tool that can access your device and its data remotely
Malware is basically a security flaw that can break your device security and get access to it. It can also control your device remotely and leak any data anytime, anywhere. To be protected by malware you need to have security checks regularly.
The new Mandrake spyware is a malware that abuses legitimate Android functions to help gain access to everything on the compromised device in attacks which can gather almost any information about the user.
The attacker can browse and collect all data on the device, steal account credentials for accounts including banking applications. secretly take recordings of activity on the screen, track the GPS location of the user, and more, all while continuously covering their tracks.
Mandrake has been active since 2016 and was specifically targeting Australian users, but now it’s targeting victims around the world. Experts have not yet got the exact number of users affected by the malware, but have an estimation that around 10,000 users are been affected.
The Malware is made self-destructing, means as soon as the attacker gains the data required he can deploy the feature kill-switch, that is the feature automatically wipes the malware from the device.
The malware avoids detection by Google Play by using a multi-stage process to hide the payload. The app is installed on the phone and it then contacts the server to download a loader, which then provides the additional capabilities Mandrake needs to take control of the device.
The Mandrake campaign is likely to still be operating and it’s probably only a matter of time before those behind its attempt to distribute new applications to drop the malware.
To avoid the Mandrake to be installed on your device, we suggest you download the applications only from trusted partners and its own website.