'Roaming Mantis' Android Malware Evolves, Expands Targets'Roaming Mantis' Android Malware Evolves, Expands Targets
Roaming Mantis has evolved rapidly, adding geographies, platforms, and capabilities to its original scope.
May 21, 2018
The trend of malware that evolves and adapts continues with the so-called Roaming Mantis malware targeting Android devices, which has broadened both its geographic range and its functional scope.
In its new form, it's ticking off boxes for almost all the most popular malware trends. Mobile malware? Check. Roaming Mantis (also called XLoader and MoqHao by researchers) is malware that targets Android devices (though the latest version includes phishing modules aimed at iOS users, as well.
Cryptojacking? Check. The latest evolution of the malware adds cryptocurrency mining to the banking trojan payload of the original.
International scope? Check. While the original Roaming Mantis was a creature of southeast Asia, the new version has support for 27 different languages to allow for a much wider circulation.
DNS hijacking? Another check. Roaming Mantis uses DNS hijacking to spread from one victim to another throughout a growing infection.
Rapid evolution? The final check. In less than a month, Roaming Mantis has broadened its capabilities and enhanced its evasion techniques. It shows all the signs of being the product of a well-funded professional malware development organization, which adds weight to the tick mark in the final check box.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023