CapraTube Remix | Android Spyware Targeting Gamers, Weapons Enthusiasts
July 1, 2024, 4:18 p.m.
Description
SentinelLabs has uncovered a new campaign of Android spyware apps associated with the suspected Pakistan state-aligned Transparent Tribe threat group. The malicious apps, disguised as video browsers, gaming sites, and TikTok content, target mobile gamers, weapons enthusiasts, and individuals interested in TikTok videos. While the core spyware functionality remains consistent, the code has been updated to enhance compatibility with modern Android devices, expanding the potential attack surface. The APKs continue the group's trend of social engineering tactics, leveraging enticing themes to lure victims into granting excessive permissions.
Date
| Published | Created | Modified |
|---|---|---|
| July 1, 2024, 3:50 p.m. | July 1, 2024, 3:50 p.m. | July 1, 2024, 4:18 p.m. |
Indicators
a1836f86daa774e0c9718343dbc2466c4851b86631dfd199e39a656404c237ac
7f981fc12dcb4621ac2a8c4f3882d24f113ac98fe4fb24207743ae24be762978
173.249.50.243
173.212.206.227
www.youuutube.com
http://www.youUUtube.com/resulUUts?seUUarch_quUUery=TiUUk+ToUUks
Attack Patterns
CapraRAT
Transparent Tribe
T1592.004
T1592.003
T1592.002
T1592