Recently, the cybersecurity researchers of Check Point have detected a new wrench of Android malware that is currently being circulated on the internet. This malware is targeting users that are located in Southeast Asia.
The experts named this malware as WAPDropper and are currently advertised through a malicious app that is being hosted on third-party app stores.
However, the malware downloads and administers a payload, just by dropping a wireless application protocol (WAP) premium dialer, which provides a subscription to its victims regarding the premium services in Thailand and Malaysia outwardly their awareness or permission.
Timeline and Encounter
This malware deals with a URL: https://l[.]facebook1mob[.]com/index.php?r=api/back. The experts asserted that they have noticed a huge number of connections to this URL and created a malware framework with a bird’s eye view that is traced back to IP addresses 34.233.155.78 and 52.54.159.156.
These addresses are being determined to…