Threat Intelligence, Malware

Widespread Android targeting conducted by novel PlayPraetor trojan

(Adobe Stock)

Over 11,000 Android devices, particularly in Portugal, Spain, France, Morocco, Peru, and Hong Kong, have been injected with the newly emergent PlayPraetor remote access trojan, which has a Chinese command-and-control panel, reports The Hacker News.

Operators of PlayPraetor have unveiled five different variants of the malware, one of which is the Phantom iteration mainly aimed at Portuguese-speaking targets that exploits Android's accessibility services to facilitate takeovers, according to an analysis from Cleafy. Other versions of PlayPraetor worked as a fake Progressive Web App, a WebView-based app, and a RAT, as well as a code-based phishing tool. "The campaign's success is built upon a well-established operational methodology, leveraging a multi-affiliate MaaS mode. This structure allows for broad and highly targeted campaigns," said Cleafy researchers. Such findings come as an updated iteration of the ToxicPanda Android malware was reported by Bitsight to have compromised almost 3,000 devices, most of which were in Portugal.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds