Zombinder Platform Injects Malware Code To Perform Malicious Actions via Legitimate Android Apps
Zombinder was first discovered by researchers at Palo Alto Networks in July 2017 and, since then, has been used to distribute several different types of Android malware and other threats targeting various system types. The platform is designed to allow threat actors to create malicious applications that are indistinguishable from their legitimate counterparts. In practice, this means the malicious apps have permissions similar to those of the original application but also include additional code that is made to appear as if it were part of the original app.
When users install the malicious app, the Zombinder platform injects its own code into the original application. Once injected, the malicious code performs various actions such as: downloading and executing other malicious files, sending data back to command & control (C&C) servers, executing commands through the terminal emulator, launching web pages or opening URLs, and collecting information about the victim.
Removing the Zombinder malware platform from your device is essential to protect your data and personal information, especially on your Android mobile device. Fortunately, there are a few steps you can take to detect and remove malicious code, such as using an antimalware resource on your device.
The first and most important step when dealing with any malware is to make sure all of your devices are running the latest security patches. Not only will this help protect against existing threats, but it can also prevent new ones from taking advantage of any vulnerabilities in your system.
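Because the platform described above adds code to an otherwise legitimate app, one detection check is to compare a suspect APK against a trusted copy of the original. The following is an added example, not code from the original article; the sample archives are constructed in memory, and the function names and the "high risk" entry rules are assumptions made for illustration.

```python
import hashlib
import io
import zipfile

def entry_digests(apk_bytes):
    """Map each entry in an APK (a ZIP archive) to the SHA-256 of its content."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        return {i.filename: hashlib.sha256(zf.read(i)).hexdigest()
                for i in zf.infolist() if not i.is_dir()}

def diff_against_reference(reference_apk, suspect_apk):
    """Entries added, removed or changed in the suspect relative to the reference."""
    ref, sus = entry_digests(reference_apk), entry_digests(suspect_apk)
    return {
        "added": sorted(set(sus) - set(ref)),
        "removed": sorted(set(ref) - set(sus)),
        "changed": sorted(n for n in set(ref) & set(sus) if ref[n] != sus[n]),
    }

def is_code_or_signing(name):
    # Assumed triage rule: DEX code, native libraries, the manifest (permissions)
    # and v1 (JAR) signature files under META-INF/ matter most.
    return (name.endswith((".dex", ".so")) or name == "AndroidManifest.xml"
            or name.startswith("META-INF/"))

def high_risk_differences(reference_apk, suspect_apk):
    """Keep only differences that touch code, permissions or signing files."""
    diff = diff_against_reference(reference_apk, suspect_apk)
    return {k: [n for n in v if is_code_or_signing(n)] for k, v in diff.items()}

def build_sample(entries):
    """Build a constructed in-memory ZIP standing in for an APK."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()

# Constructed sample data: a reference app and a copy with extra code bound in.
BASE = {"AndroidManifest.xml": b"manifest", "classes.dex": b"original code",
        "META-INF/CERT.RSA": b"vendor cert", "res/icon.png": b"icon"}
REFERENCE = build_sample(BASE)
SUSPECT = build_sample({**BASE, "AndroidManifest.xml": b"manifest + more permissions",
                        "classes2.dex": b"added code", "assets/extra.bin": b"blob",
                        "META-INF/CERT.RSA": b"different cert"})

if __name__ == "__main__":
    for kind, names in high_risk_differences(REFERENCE, SUSPECT).items():
        print(kind, names)
```

Newer APK signature schemes store the signature outside the ZIP entries, so the signer should also be verified separately with a tool such as `apksigner`.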