
Back in the day, you would need to have quite a bit of technical know-how if you wanted to hack. But now the irony is that as technology advances, so has hacking techniques. So much so that there are cybercriminals selling malware as a service. In fact, researchers at Zimperium’s zLabs have uncovered a new Android malware-as-a-service called RedWing.
What the RedWing malware does, and why it’s dangerous
According to Zimperium, RedWing malware works like a legitimate piece of software. Sellers market it through Telegram with subscription tiers, a support bot, and how-to videos. That means buyers don’t need to know how to code to use it. All they need to do is pay for it and watch some tutorial videos, and it’s off to the races.
Once it’s installed, RedWing can do real damage. It uses phishing overlays that sit on top of real banking and crypto apps to steal passwords. It can read incoming texts to grab one-time passcodes. It can even quietly reroute a victim’s phone calls to the attacker, using an old carrier code most people have never heard of.
The person running RedWing can also watch a victim’s screen live. They can flip on the camera or microphone. They can pull contacts, files, and messages straight off the device. Zimperium says the malware leans on real and actual Android features to stay installed and avoid detection. Attackers can even repurpose that same setup for things like DDoS attacks.
Where RedWing came from, and how to protect yourself
The researchers at Zimperium believe RedWing is a rebuilt version of Oblivion, another rent-a-malware kit. So far, the firm has counted 82 targeted institutions. It also appears there’s a heavy lean toward Russian financial firms.
That being said, malware-as-a-service isn’t new. What’s changed is how far the model has traveled into mobile. A single phone now doubles as a wallet, an authenticator, and an inbox. So the question is, how do you protect yourself?
While we’re not sure if there are specific ways to protect yourself against the RedWing malware, there are still simple and good practices that go a long way. For starters, stick to the Google Play Store instead of sideloading apps from random links. Be wary of any app or message that asks for Accessibility permissions you didn’t expect.
Also, keep your phone’s software updated. Security patches typically close the security holes that malware like RedWing relies on. And if a text message or pop-up urges you to update an app right now, treat it as a red flag rather than a chore.
The post Malware-as-a-Service: RedWing Malware Lets Hackers Rent Access into Your Android Phone appeared first on Android Headlines.
​Â