State-Sponsored Remote Wipe Tactics Targeting Android Devices

Android is much more dangerous than iOS in Web3 🙂

  • Emergence of an Android remote data-wipe attack exploiting Google’s asset-tracking feature, Find Hub.
  • Identified as a follow-up attack to the KONNI APT campaign, which had operated covertly for nearly a year.
  • Attackers impersonated psychological counselors and North Korean human rights activists, distributing malware disguised as stress-relief programs.
  • Malicious files were delivered through the KakaoTalk messenger, leveraging impersonation of acquaintances to conduct trust-based attacks.
  • Strengthening real-time behavior-based detection and IOC-linked monitoring through EDR solutions is strongly recommended.