Detect date
06/08/2017
Class
HackTool
Platform
AndroidOS

Parent class: Malware

Malicious tools are malicious programs designed to automatically create viruses, worms, or Trojans, conduct DoS attacks on remote servers, hack other computers, etc. Unlike viruses, worms, and Trojans, malware in this subclass does not present a direct threat to the computer it runs on, and the program’s malicious payload is only delivered on the direct order of the user.

Read more

Class: HackTool

HackTool programs are used to create new users in the list of permitted system visitors, and to delete information from system logs in order to hide the malicious user’s presence on the system. These programs are also used to analyze and collect network packets to carry out specific malicious actions. Malicious users employ HackTool programs when setting up attacks on local or remote computers.

Read more

Platform: AndroidOS

Android is an open-source operating system developed by Google for mobile devices, such as tablets, smartphones, and watches. Based on a Linux kernel and the Dalvik virtual machine (older versions) / Android Runtime environment (newer versions).

Description

This application is used to intercept WhatsApp traffic and subsequently read WhatsApp messages. The attack is successful when a specially prepared device and the victim are connected to the same Wi-Fi network. Root access is required for the application to work. Core functionality is implemented in the arpspoof and tcpdump ELF modules. Network requests are forwarded to these modules by the iptable class="most_attacked_countries", which acts as a go-between between the victim and server.

Top 10 countries with most attacked users (% of total attacks)

1
India
16.89%
2
Brazil
10.78%
3
Mexico
7.76%
4
Italy
7.18%
5
Germany
6.57%
6
Spain
4.30%
7
Colombia
2.73%
8
Russian Federation
2.59%
9
Egypt
2.42%
10
USA
2.25%
* Percentage among all unique Kaspersky users worldwide attacked by this malware

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Confirm changes?
Your message has been sent successfully.