Bitdefender reveals Mandrake spyware targeting Australian Android usersTime: Apr. 3, 2020
Bitdefender's cybersecurity research team discovered a new spy operation for Android specifically for Australian users.
The company found "Mandrake" earlier this year and estimates that the sophisticated spy platform has been active for at least four years.
Bitdefender said there has been a rapid spread of attacks in Australia in the past two years, mainly due to the high use of mobile banking in Australia, which attacks more banking Trojans than any other developed country in the world.
So far, the team has recorded how Mandrake undermines Google Chrome, Gmail, ANZ Australia, Commonwealth Bank of Australia, Bank of Melbourne Mobile Banking, Bank of SA, Australian Super, and PayPal apps.
Principal investigator Marius Tivadar informed ZDNet that after analyzing the data collected over a two-month period, the team identified 500 unique Australian victims who had one or more compromised devices. He warned that the number could be much higher.
According to Bitdefender, criminals use software to attack individually. Mandrake is well developed, with constant development over the four year period, adding new functions, correcting errors or eliminating functions.
It can even turn down the phone volume and block calls or messages.
Tivadar said its authors appear to be interested only in a "special type of consumer," those who have something they can benefit from.
The first wave of attacks in 2016-2017 had an affinity for the United Kingdom, the United States, Germany, and the Netherlands. The current wave of 2018-2020 attacks is most widespread in Australia, but also in the United States, Canada and Europe.