Roaming Mantis has evolved rapidly, adding geographies, platforms, and capabilities to its original scope.
The trend of malware that evolves and adapts continues with the so-called Roaming Mantis malware targeting Android devices, which has broadened both its geographic range and its functional scope.
In its new form, it's ticking off boxes for almost all the most popular malware trends. Mobile malware? Check. Roaming Mantis (also called XLoader and MoqHao by researchers) is malware that targets Android devices (though the latest version includes phishing modules aimed at iOS users, as well.
Cryptojacking? Check. The latest evolution of the malware adds cryptocurrency mining to the banking trojan payload of the original.
International scope? Check. While the original Roaming Mantis was a creature of southeast Asia, the new version has support for 27 different languages to allow for a much wider circulation.
DNS hijacking? Another check. Roaming Mantis uses DNS hijacking to spread from one victim to another throughout a growing infection.
Rapid evolution? The final check. In less than a month, Roaming Mantis has broadened its capabilities and enhanced its evasion techniques. It shows all the signs of being the product of a well-funded professional malware development organization, which adds weight to the tick mark in the final check box.
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024