Roaming Mantis has evolved rapidly, adding geographies, platforms, and capabilities to its original scope.
The trend of malware that evolves and adapts continues with the so-called Roaming Mantis malware targeting Android devices, which has broadened both its geographic range and its functional scope.
In its new form, it's ticking off boxes for almost all the most popular malware trends. Mobile malware? Check. Roaming Mantis (also called XLoader and MoqHao by researchers) is malware that targets Android devices (though the latest version includes phishing modules aimed at iOS users, as well.
Cryptojacking? Check. The latest evolution of the malware adds cryptocurrency mining to the banking trojan payload of the original.
International scope? Check. While the original Roaming Mantis was a creature of southeast Asia, the new version has support for 27 different languages to allow for a much wider circulation.
DNS hijacking? Another check. Roaming Mantis uses DNS hijacking to spread from one victim to another throughout a growing infection.
Rapid evolution? The final check. In less than a month, Roaming Mantis has broadened its capabilities and enhanced its evasion techniques. It shows all the signs of being the product of a well-funded professional malware development organization, which adds weight to the tick mark in the final check box.
About the Author(s)
You May Also Like
Unleash the Power of Gen AI for Application Development, Securely
March 19, 2024The Anatomy of a Ransomware Attack, Revealed
March 20, 2024How To Optimize and Accelerate Cybersecurity Initiatives for Your Business
March 26, 2024Building a Modern Endpoint Strategy for 2024 and Beyond
March 27, 2024Building a Modern Endpoint Strategy for 2024 and Beyond
March 27, 2024