Modified Cynos Trojan Infects Over 9M Android Phones; Hackers Love Weekends and Holidays, Experts Reveal

Modified Cynos Trojan Infects Over 9M Android Phones; Hackers Love Weekends and Holidays, Experts Reveal
The CISA and FBI remind everyone of their cybersecurity and to secure their Android devices from potential breaches by hackers and modified Cynos trojan malware infections from all online transactions. Hollie Adams / Getty Images

The back-to-back festivities for Thanksgiving, Black Friday, and Cyber Monday are making everyone busy.

However, the US Cybersecurity and Infrastructure Agency (CISA) and the FBI reminded everyone to secure their Android devices from potential breaches by hackers and modified Cynos trojan malware infections from all online transactions.

Both CISA and the FBI have issued a warning to critical infrastructure providers ahead of Thanksgiving on Thursday, November 25, advising them to remain watchful on holidays and weekends because hackers don't take vacations.

Cybersecurity Warning From Hacking

In August, ahead of the Labor Day weekend, the agency issued a similar warning, stating that ransomware attackers frequently target holidays and weekends, especially when companies are likely to be closed.

The CISA and FBI said via ZDNet, "Recent history tells us that this could be a time when these persistent cyber actors halfway across the world are looking for ways big and small to disrupt the critical networks and systems belonging to organizations, businesses, and critical infrastructure."

The agencies stated that no specific threats had been discovered.

They did highlight, however, that some of the worst ransomware assaults occurred on holidays and weekends, such as July 4th and the Mother's Day weekend.

The agencies have listed six essential steps firms may take to reduce the risk of an attack over the Thanksgiving holiday in order to prepare for possible strikes.

These precautionary steps include identifying key IT security personnel capable of handling a spike in work following a ransomware attack; implementing multi-factor authentication for remote access and administrative accounts; enforcing strong passwords and avoiding password reuse; ensuring RDP is secure and monitored, and reminding employees not to click on suspicious links.

Modified Cynos Trojan Malware in Android Devices

Meanwhile, Bleeping Computer reported that approximately 9,300,000 Android devices were infected with trojans disguised as over 190 distinct apps.

The alps have been installed as part of a large-scale malware campaign on Huawei's AppGallery.

Dr. Web has identified the trojan as 'Android.Cynos.7.origin,' which is a modified variant of the Cynos malware that collects sensitive user data.

The discovery and report were made by Dr. Web AV researchers, who then alerted Huawei and assisted them in removing the detected apps from their store.

Those who installed the apps on their Android smartphones, on the other hand, will have to manually delete them.

Read Also: Apple Black Friday Sale 2021: 5 Best Gadget Deals You Can Get Today

Trojan Malware Disguised as Game

Threat actors disguised their malware as simulators, platformers, arcades, RTS strategy, and shooting games for Russian, Chinese, and international (English) users in Android apps.

Users were unlikely to remove them if they enjoyed the game because they all provided the claimed functionality.

The list of Cynos malware programs is far too long to include here.

However, several significant instances that stand out due to their widespread use are given below:

  • 快点躲起来 (Hurry up and get out of here) - 2,000,000

  • 427,000 cat adventures

  • Simulator for driving school - 142,000

Although comparing your installed programs to the whole list of 190 harmful apps is unrealistic, the simpler option is to run an antivirus program that can detect Cynos trojans and their variants.

Cynos Trojan Malware

This Cynos trojan variant's capability allows it to carry out a variety of harmful operations, including spying on SMS texts and downloading and installing other payloads.

According to the malware analysis of Dr. Web, the Android.Cynos.7.origin is one of the versions of the Cynos program module, which can be inserted into Android apps to monetize them and has been known since at least 2014.

Related Article: Holiday Online Shopping Scams: 6 Ways to Protect Yourself

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost

Real Time Analytics