Spying activities are getting common with the progression of technology. The internet space is indeed full of cyber threats lurking to attack us anytime. Millions of eyes are watching our every online activity. But, the worst in this scenario is malware attacks, designed to steal the personal information of victims.
We are surrounded by thousands of malware. Several unauthorized apps can crack the operating system of mobile phones just to collect the personal information of the user.
In 2019, 39% of businesses in the United
Kingdom got attacked by ransomware. Stats show that the corporate industry gets
more cyber threats than individual beings.
Let’s dig into the details and get more
insights about Transparent Tribe’s data-stealing activities.
What is the Transparent Tribe?
Transparent Tribe. Also known as PROJECTM or MYTHIC LEOPARD, is a prolific group known to target the Military and Government by infecting the USB devices with powerful malware attacks. The threat spreader is notorious for its malicious activities since 2013. In the cyber security world, Transparent Tribe is renowned for its main malware Crimson Remote Access Trojan. Moreover, Python-based RAT malware is also known for malicious attacks.
Kaspersky Investigations on Transparent Tribe:
Back in January 2019, Kaspersky started an investigation on the ongoing spying campaign of the Transparent Tribe. In the series of attacks, malicious Microsoft Office files were sent to the victims. Phishing emails were the main source of sending such malware. The result showed 1000 victims over 30 different countries.
Recently, Kaspersky found that the Transparent
Tribe is targeting mobile users with robust malware files.
Transparent Tribe, a known APT group, is now
targeting mobile devices of the online users by sending malicious Remote Access
A research conducted by Kaspersky revealed that
under the name of COVID-19 tracking apps Transparent Tribe, in its ongoing
spying campaign, is distributing Crimson Server RAT files to the online
audience. The report also shows that the APT group is receiving funds to power
up their tracking features to infect mobile devices and spy on the personal
information of online users.
At the current times, COVID-19 tracking apps
are in great demand. Taking it as an opportunity, spyware apps are actively
penetrating the mobile operating systems.
Such malware shows itself as a COVID-19 tracking app and secretly links viruses to infect the target device.
If the user installs an app like COVID-19, the malware automatically gets downloaded in his/her phone. The spying tool then becomes enabled to monitor the target phone remotely.
Here is what this powerful malware can do;
Access SMS: By accessing
the SMS, spy software can record all the sent, received, and draft messages of
the target device.
Microphone: Spyware or malware can enable the microphone of the target
device. By this, the perpetrator can listen to the surround recordings of the
target tablet or cellphone.
Logs: Call logs history or contact details can easily be fetched out
from the target phone if it has spyware installed in it.
Location: Unfortunately, if a phone gets targeted by malware, it can track
the whereabouts of the cell phone owner.
Screenshots: Capturing screenshots can record your screen activities and send
every little detail to the hacker.
Phone spyware attacks are designed to record and fetch all the personal mobile information and send it to an external server where all these data get saved. Information stolen by malware attacks can be used to blackmail the victim or for a data breach (in the case of Government and Military issues).
However, people can save themselves from
getting such a threat. By securing mobile devices, people can protect their
personal data stored in their cell phones or tablets.
Let’s have a look at some precautionary
measures that can save us from malware and spyware attacks.
Safety Precautions – Suggested by Kaspersky:
While revealing the unseen truth about spying
activities of the Transparent Tribe, Kaspersky also suggested mobile users keep
their devices secure.
The first and foremost precautionary measure is
to make your own device secure. The user must install a reliable anti-malware
in his/her phone so that any cyber threat can be detected before it damages the
Secondly, the user must download content from
reliable and secure sources. While accessing websites and apps, the user shall
ensure that the source providing the download facility is itself secure or not.
We all need basic cybersecurity hygiene
training. Because, all of us are the fish in the same sea – and that is the
The epidemic of Corona Virus has disturbed lives all around the globe. With such a hustle, the invention of COVID-19 tracking apps gained popularity among internet users. The present situation gave malware attackers free ground to target mobile devices under fake or pseudo-COVID-19 tracking apps. The online market now contains a big number of unauthorized apps that are solely designed to steal the personal information of online users. Such malware or spyware attacks can have multiple reasons, either the perpetrator wants to blackmail the victim or is wishing for ransomware.
During such a worrying situation, Kaspersky revealed the prominent player of the spyware world, the Transparent Tribe. With Crimson RAT and Python-based RAT malware, the cyber attackers are stealing user information via fake Corona Virus tracking apps. Though, it should not be a surprising situation, as a number of malware attacks are faced by the public every passing day. The best way to mitigate the chances of encountering a malware attack is by keeping our devices secure with anti-malware software. Stay safe and keep your loved ones safe from the online dangers of the internet world.