HackTool.AndroidOS.Arpspoof

Detect Date 06/08/2017
Class HackTool
Platform AndroidOS
Description

This malicious application uses ARP spoofing to intercept traffic within a local network. Root access is required for the application to work. The application uses the iptable class=”most_attacked_countries”. Core functionality related to traffic modification is contained in ELF files.

Geographical distribution of attacks by the HackTool.AndroidOS.Arpspoof family


Geographical distribution of attacks during the period from 08 June 2016 to 08 June 2017

Top 10 countries with most attacked users (% of total attacks)

Country % of users attacked worldwide*
1 India 13.62
2 Iran 9.28
3 USA 7.73
4 Russian Federation 5.89
5 Germany 5.41
6 Algeria 3.67
7 Brazil 3.57
8 Mexico 3.48
9 Egypt 2.80
10 Italy 2.32

* Percentage among all unique Kaspersky users worldwide attacked by this malware