{"id":3836,"date":"2018-03-03T16:09:44","date_gmt":"2018-03-03T10:39:44","guid":{"rendered":"https:\/\/antivirus.comodo.com\/blog\/?p=3836"},"modified":"2020-08-18T22:38:43","modified_gmt":"2020-08-18T17:08:43","slug":"reddrop-malware-affects-android-devices","status":"publish","type":"post","link":"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/","title":{"rendered":"RedDrop Malware Could Rob Your Identity"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-1710 aligncenter\" src=\"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/05\/wannacry-ransomware.jpg\" alt=\"malware removal\" width=\"650\" height=\"300\" srcset=\"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/05\/wannacry-ransomware.jpg 650w, https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/05\/wannacry-ransomware-300x138.jpg 300w, https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/05\/wannacry-ransomware-225x104.jpg 225w\" sizes=\"auto, (max-width: 650px) 100vw, 650px\" \/><\/p>\n<p>A new Android malware strain called RedDrop has emerged with an extensive range of malicious actions, including ones that cause financial loss and data loss on infected devices. This malware, detected in more than 53 apps, was initially spotted by UK mobile security firm Wandera on the phones of employees of a number of global consultancy firms. It was found to be more prevalent in China, and the creators of this malware used over 4,000 domains to distribute it.<\/p>\n<p>RedDrop is capable of recording nearby audio and then uploading the data to cloud-storage accounts on Google Drive and Dropbox. This malware can also steal sensitive data from the victim\u2019s device, such as contacts, photos, images, application data, and data about nearby WiFi networks. 
Some of the other malicious applications include practical tools like image editors and calculators, as well as more recreational apps dealing with topics like learning new languages or space exploration.<\/p>\n<p>Even though its impressive range of intrusive features could easily classify it as spyware, the RedDrop malware was not part of a cyber-espionage operation; it was initially used to subscribe users to premium SMS numbers that netted the RedDrop authors a profit.<\/p>\n<p>The RedDrop malware affects a device in the following ways:<\/p>\n<ul>\n<li>A user searches for an <a href=\"https:\/\/antivirus.comodo.com\/antivirus-for-android.php\" target=\"_blank\">Android Antivirus<\/a> app in Baidu.<\/li>\n<li>When the user clicks on a poisoned search result, the user is redirected through a number of URLs and then reaches the store.<\/li>\n<li>Once the new app is installed and opened, it sends device details to C&amp;C servers. Seven other apps with malicious functions get installed silently at a later stage.<\/li>\n<li>It requests invasive permissions up front so that it does not have to ask users for permission again.<\/li>\n<li>It subscribes the victim\u2019s phone to a premium SMS service and can delete the incoming SMS messages.<\/li>\n<li>It also steals saved files such as images, photos, and contacts.<\/li>\n<li>It records the sounds around the device, SIM info, device info, and application and network data.<\/li>\n<li>The stolen data is uploaded to remote file storage systems for use in blackmail and extortion.<\/li>\n<\/ul>\n<p><strong>What Happens to the Stolen Data?<\/strong><\/p>\n<p>Researchers generally assume that RedDrop records a user&#8217;s nearby audio and steals personal files so that its authors can use this stolen data to blackmail some of the infected users if RedDrop succeeds in infecting a businessman, politician, or a wealthy person.<\/p>\n<p>Users, Chinese or not, who want to avoid falling victim to such apps are advised to 
ensure that device settings disallow third-party app installations, triple-check an app&#8217;s permissions before installing it, and avoid rooting their own devices.<\/p>\n<p>For instance, CuteActress is considered to be one of the most absurd apps.<\/p>\n<p>According to Wandera researchers, &#8220;The CuteActress app ostensibly functions as an adult-themed game in which the user must rub the screen in order to reveal a seductively-dressed female.&#8221; They further state that, &#8220;Each time the screen is \u2018rubbed,\u2019 the user is unknowingly sending an SMS message to a premium service.&#8221;<\/p>\n<p><strong>Why Is RedDrop Increasingly Active in China?<\/strong><\/p>\n<p>There is no official Google Play Store in China, and hence the <a href=\"https:\/\/antivirus.comodo.com\/blog\/how-to\/top-5-website-vulnerability-scanning-tools\/\" target=\"_blank\" rel=\"noopener\">malware<\/a> is mainly active in China. Generally, users in China depend on search engines to find apps, and this is considered to be the main distribution method employed by RedDrop.<\/p>\n<p>A smartphone helps us to stay in touch with family and friends, play the latest games, and keep up with the weather and news. Although it makes these tasks effortless, a smartphone carries its own set of risks, especially when it is stolen. Almost your whole identity is lost, including sensitive and personal data and online and bank accounts. Downloading a malicious app can also result in similar consequences. To prevent such malware from entering your phone, you can install <a href=\"https:\/\/antivirus.comodo.com\/free-antivirus.php\" target=\"_blank\" rel=\"noopener\">antivirus software<\/a>. 
A virus scan will thus help in <a href=\"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/five-best-virus-and-malware-removal-tools\/\" target=\"_blank\" rel=\"noopener\">malware removal<\/a> and keep your device secure.<\/p>\n<p><b>Some of the following defence measures will help protect and secure your devices:<\/b><\/p>\n<ul>\n<li>Encrypt your devices<\/li>\n<li>Make frequent backups of vital data<\/li>\n<li>Install anti-malware on your devices<\/li>\n<li>Stay strict with CIA Cycle<\/li>\n<li>Download applications from trusted sources<\/li>\n<li>Keep yourself updated with the latest version<\/li>\n<li>Think twice before granting the permissions that applications ask for<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>A new Android malware strain called RedDrop has emerged with an extensive range of malicious actions, including ones that cause financial loss and data loss on infected devices. This malware, detected in more than 53 apps, was initially spotted by UK mobile security firm Wandera on the phones of employees of a number of [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":1710,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[26,13,152],"class_list":["post-3836","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-comodo-news","tag-malware","tag-malware-removal","tag-reddrop-malware"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>What is RedDrop Malware? | Its Impact on Android Devices<\/title>\n<meta name=\"description\" content=\"RedDrop Malware is a new set of malware that steals data from Android Devices. Get to know the impact of RedDrop and malware removal methods.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What is RedDrop Malware? | Its Impact on Android Devices\" \/>\n<meta property=\"og:description\" content=\"RedDrop Malware is a new set of malware that steals data from Android Devices. 
Get to know the impact of RedDrop and malware removal methods.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/\" \/>\n<meta property=\"og:site_name\" content=\"Comodo Antivirus Blogs | Anti-Virus Software Updates\" \/>\n<meta property=\"article:published_time\" content=\"2018-03-03T10:39:44+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-08-18T17:08:43+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/05\/wannacry-ransomware.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"650\" \/>\n\t<meta property=\"og:image:height\" content=\"300\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"seo\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"seo\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/\",\"url\":\"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/\",\"name\":\"What is RedDrop Malware? 
| Its Impact on Android Devices\",\"isPartOf\":{\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/05\/wannacry-ransomware.jpg\",\"datePublished\":\"2018-03-03T10:39:44+00:00\",\"dateModified\":\"2020-08-18T17:08:43+00:00\",\"author\":{\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/#\/schema\/person\/e534eccce9a7e6ced088443c73329462\"},\"description\":\"RedDrop Malware is a new set of malware that steals data from Android Devices. Get to know the impact of RedDrop and malware removal methods.\",\"breadcrumb\":{\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/#primaryimage\",\"url\":\"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/05\/wannacry-ransomware.jpg\",\"contentUrl\":\"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/05\/wannacry-ransomware.jpg\",\"width\":650,\"height\":300,\"caption\":\"Ransomware\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/antivirus.comodo.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"RedDrop Malware Could Rob Your 
Identity\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/#website\",\"url\":\"https:\/\/antivirus.comodo.com\/blog\/\",\"name\":\"Comodo Antivirus Blogs | Anti-Virus Software Updates\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/antivirus.comodo.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/#\/schema\/person\/e534eccce9a7e6ced088443c73329462\",\"name\":\"seo\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/3b7714e98dafc3a3b391832c0f5e2b406856b62c8e81ad94382c197cdb380790?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/3b7714e98dafc3a3b391832c0f5e2b406856b62c8e81ad94382c197cdb380790?s=96&d=mm&r=g\",\"caption\":\"seo\"},\"url\":\"https:\/\/antivirus.comodo.com\/blog\/author\/seo\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"What is RedDrop Malware? | Its Impact on Android Devices","description":"RedDrop Malware is a new set of malware that steals data from Android Devices. Get to know the impact of RedDrop and malware removal methods.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/","og_locale":"en_US","og_type":"article","og_title":"What is RedDrop Malware? | Its Impact on Android Devices","og_description":"RedDrop Malware is a new set of malware that steals data from Android Devices. 
Get to know the impact of RedDrop and malware removal methods.","og_url":"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/","og_site_name":"Comodo Antivirus Blogs | Anti-Virus Software Updates","article_published_time":"2018-03-03T10:39:44+00:00","article_modified_time":"2020-08-18T17:08:43+00:00","og_image":[{"width":650,"height":300,"url":"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/05\/wannacry-ransomware.jpg","type":"image\/jpeg"}],"author":"seo","twitter_card":"summary_large_image","twitter_misc":{"Written by":"seo","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/","url":"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/","name":"What is RedDrop Malware? | Its Impact on Android Devices","isPartOf":{"@id":"https:\/\/antivirus.comodo.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/#primaryimage"},"image":{"@id":"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/#primaryimage"},"thumbnailUrl":"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/05\/wannacry-ransomware.jpg","datePublished":"2018-03-03T10:39:44+00:00","dateModified":"2020-08-18T17:08:43+00:00","author":{"@id":"https:\/\/antivirus.comodo.com\/blog\/#\/schema\/person\/e534eccce9a7e6ced088443c73329462"},"description":"RedDrop Malware is a new set of malware that steals data from Android Devices. 
Get to know the impact of RedDrop and malware removal methods.","breadcrumb":{"@id":"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/#primaryimage","url":"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/05\/wannacry-ransomware.jpg","contentUrl":"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/05\/wannacry-ransomware.jpg","width":650,"height":300,"caption":"Ransomware"},{"@type":"BreadcrumbList","@id":"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/reddrop-malware-affects-android-devices\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/antivirus.comodo.com\/blog\/"},{"@type":"ListItem","position":2,"name":"RedDrop Malware Could Rob Your Identity"}]},{"@type":"WebSite","@id":"https:\/\/antivirus.comodo.com\/blog\/#website","url":"https:\/\/antivirus.comodo.com\/blog\/","name":"Comodo Antivirus Blogs | Anti-Virus Software 
Updates","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/antivirus.comodo.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/antivirus.comodo.com\/blog\/#\/schema\/person\/e534eccce9a7e6ced088443c73329462","name":"seo","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/antivirus.comodo.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/3b7714e98dafc3a3b391832c0f5e2b406856b62c8e81ad94382c197cdb380790?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/3b7714e98dafc3a3b391832c0f5e2b406856b62c8e81ad94382c197cdb380790?s=96&d=mm&r=g","caption":"seo"},"url":"https:\/\/antivirus.comodo.com\/blog\/author\/seo\/"}]}},"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/posts\/3836","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/comments?post=3836"}],"version-history":[{"count":17,"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/posts\/3836\/revisions"}],"predecessor-version":[{"id":14948,"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/posts\/3836\/revisions\/14948"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/media\/1710"}],"wp:attachment":[{"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/media?parent=3836"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/antiv
irus.comodo.com\/blog\/wp-json\/wp\/v2\/categories?post=3836"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/tags?post=3836"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}