Dark Web Hackers Steals with Vultur
The Vultur malware was sneakily developed by dark web hackers and launched about January 2022. A report linked the malicious App to the doctoring of the open-source code of the legit Aegis authenticator App. The newly created Application was then injected with a malicious code created by the deep web hackers. Thus, the open-source code App was able to retain its core functionality, in addition to the injected malicious code. Together both codes make the Vultur malware one of the most dangerous viruses launched recently.
Android users not already affected by the malicious authenticator should give thanks to the cyber analysts at Pradeo, which spotted the virus and revealed its existence in a blog post titled Fake Authenticator App Dropped Vultur Malware.
Just as its name suggested ‘Vultur malware’ – once the App link is downloaded, it can work stealthily to steal critical information on the infected android device. With its capabilities to avoid all red flags, this malware steals credit card info and even bank account username and passwords. Therefore, after the unsuspecting user downloads it, this app operates in the background by gathering details from the infected device. And just like a real vulture; it demands extensive permission on the affected android gadgets.
Vultur Malware Fake Authenticator
In addition, according to the cyber security analyst, the persistence infiltration gained on the infected device by the Vulture Malware allows it to use its fake authenticator. The virus then performs its app drops by delivering its final payload in the form of the Vultur malware.
And while the magnitude of its devastation has not been realized as yet; it is reported that the damages caused could be severe. However, even with it being removed from the Google App Store, analytical studies show that the malware already garnered well over 10,000+ downloads.
Specifically, praises must be accorded to the Pradeo researchers that quickly discovered the malicious App. Thus, their quick action helped to prevent further infiltration on millions of android gadgets. According to Pradeo cyber analysts that track dark web viruses, the malware equipped with a dropper could cause tremendous devastation. The analysts’ report states that the Vultur malware stealthily infect Android devices once downloaded from the Google play store.
Google Removed Vultur App
The Pradeo cyber tracking researchers quickly reach out to Google, notifying the company of the devastating App posted on its flagship Google play store. And since then; it has quickly vanished from the popular Apps website.
Above all, with Google’s quick action, millions of users were spared from falling prey to the malicious Vultur malware.
However, as stated earlier, it is quite evident from its downloads report; the Vultur malware now resides on 10,000 android devices. Hence, users that have recently downloaded the App must get it removed with utmost urgency.