News  Android

Another found *in* the App Stores

Wandera are warning Android users to watch out for the RedDrop malware, which attempts to record audio, take photos, copy files etc, and even storing them on the users own Dropbox account ready to be used as extortion against the victim. It can do this, since it has full access to the account the apps of the victim's device has.

It also does the usual SMS premium service trick, and this, alongside a sophisticated network of back end hosting locations, leads analysts to believe this is a well-funded, determined hack which Wandera describe as "one of the most sophisticated" they have seen.

It's only just getting publicity, but Kaspersky has been aware of the threat since 2017.

To date, the victims are mainly in China, and the pattern is users searching adult content. However, dozens of innocent-looking apps which contain the malware have been identified - including many inside the the Sky Mobi Android app store.


RedDrop is specifically built to evade removal - it employs many stealth techniques to keep its nefarious claws in it's victims devices.

The idea it can activate the microphone without the user knowing, then upload the recording to the users own DropBox account is new.

One silver lining is that it only appears to have infected 3rd party app stores, so whatever measures Google have employed to keep it out of their official Play Store have worked, for now.