Malware disguised as Assassin’s Creed app detected by Zscaler researchers
Mobile gamers will need to stay on their toes following the news that hackers have disguised a particularly nasty type of malware as a hit gaming app.
Researchers at Zscaler discovered malware disguising itself as popular paid gaming app Assassin’s Creed, based on the hugely successful PlayStation and Xbox franchise which sees players take on the role of a historical assassin.
If downloaded, the malware will install a pirated version of the Assassin’s Creed game that appears to function normally, but in reality is capable of sending multi-part text messages, harvesting text messages from a victim’s device, and sending stolen information to a remote Command & Control (C2) server.
The team also detected that the pirated app has the ability to harvest the mobile number and Subscriber ID information from the victim’s device for tracking purposes. During its research, the team found phone numbers belonging to Russian bank ‘Volga-Vyatka Bank of Sberbank of Russia’ hidden within the malicious application code, which had intercepted SMS messages in an attempt to steal sensitive information.
Zscaler is recommending that users exercise caution when downloading apps from sources other than trusted app stores such as Google Play, as criminals often offer cut-price deals on popular games and apps.
Criminals are resorting to ever more devious methods to try to gain access to consumers’ mobile devices as they look to benefit from the huge amounts being spent on apps and games, particularly through social media.
Last month, security firm Bitdefender revealed that over 200,000 Facebook users had fallen victim to a ‘likejacking’ scam which promised to give away free Audi R8 sports cars.
Earlier this year, research from Arxan Technologies found that as many as 97 percent of the top 100 paid Android apps and 87 percent of the top 100 paid Apple iOS apps have been hacked.