Dark Caracal Malware: A Threat to All Mobile Users

A major mobile-targeted cyber espionage campaign dubbed “Dark Caracal”- targeting over thousands of individuals across 21 countries- has been recently uncovered by the mobile security company Electronic Frontier Foundation (EFF) as well as security firm Lookout.

Since atleast January 2012, this scheme has been in operation. According to EFF as well as Lookout, the campaign has been operated from a government building owned by the Lebanese General Security Directorate (GDGS) in Beirut.

A little About “Dark Caracal”

The actors involved in Dark Caracal have stolen intellectual property as well as personally identifiable information from over thousands of individuals. Their recent hacks have mainly targeted Android users by way of social engineering on WhatsApp & Facebook. Instead of depending on zero day exploits, the hackers attempt to encourage targets to visit compromised sites.

And when the victims were on the malicious sites, they were lured into downloading fake versions of encrypted messaging apps, giving the hackers full control over the devices.

The malware in question has been named Pallas, a surveillance malware threat that has the potential to steal data, spy on applications, take photographs, record video & audio files as well as take text message files.

Protect your Android device from malware

Today, many of us use our mobile phones in office for downloading business data. This can leave us open to dangerous personal compromise and even blackmail if cyber criminals gain access to valuable business information.

Most employees, looking to download something in office on a PC, will be standard-level users with limited rights as well as protected by all security features of their network.  However, we, as mobile users, generally have full administrative privileges & often grant applications permission rights to the software on our phone without thinking much and therefore fall prey to malware attacks.

Now you might be wondering how you are going to protect your device from malware attacks. The best way to avoid mobile malwares is to use only reputable sources like Google Play Store for downloading applications. The potential for personal loss is high once our information is compromised.