PINEFLOWER Mobile Malware
PINEFLOWER is the name of a family of mobile malware variants that is associated with an Iranian advanced persistent threat actor that is believed to be sponsored by the state.
A research team with security firm Mandiant published a recent detailed report on the malware. The report highlights PINEFLOWER as a significant threat that has a rich and fully featured set of malicious capabilities.
PINEFLOWER affects Android devices and can log and record phone calls, capture audio through the device's microphone, and both read and send out text messages. In addition to this, PINEFLOWER can perform a number of file manipulations on the infected device. The malware can both read, delete, download and upload files from a compromised Android device.
Finally, the malware can toggle both Bluetooth and Wi-Fi on and off.
Since PINEFLOWER is not a single strain of malware, those capabilities may vary between existing variants.
The surveillance and spying capabilities of PINEFLOWER make it a significant threat that can lead to major privacy issues for the owner of an infected device.