DoNot Firestarter Malware Using Google Firebase Cloud Messaging: Report

DoNot Firestarter is a newly discovered Android malware that reportedly uses Google’s own infrastructure to deploy its payloads. According to Cisco’s Talos cybersecurity researchers, Firestarter uses Google’s Firebase Cloud Messaging (FCM) infrastructure to control the malware. By using Google's infrastructure, the malware can hide in legitimate internet traffic and be targeted at individual victims, making it even more difficult for security researchers to detect.

According to an analysis of DoNot’s activities by cyber threat researchers at Cisco Talos, the group is trying to target government officials in Pakistan and NGOs operating in Kashmir.

The loader is usually disguised as an ordinary application to trick the user into installing it. The app contains additional code that downloads the payload based on the information received from the device. For example, this could be used to create an app that is harmless in the rest of the world but acts as malware in a specific region.

The malware then transmits personal and geographic information about the device to DoNot's command-and-control (C2) server. This allows the group to identify the user and decide whether or not to infect the device. The researchers said that, using Google FCM, the malware can receive a malicious package from the DoNot C2 in the form of a link, which the group can use to access the device. Even if a particular C2 were taken down, access through Google FCM would allow the group to infect the device via another C2, making the loader particularly dangerous and difficult to eradicate.
The only way to neutralize the threat, according to researchers, is to have Google remove the infected FCM account along with the C2. The analysis also states that the DoNot Firestarter malware is difficult to identify and categorize for security researchers because it is specifically targeted at users.



Veer Arjun Singh


Source link : https://gadgets.ndtv.com/mobiles/news/donot-firestarter-android-malware-google-firebase-cloud-messaging-cisco-talos-report-2319530#rss-gadgets-all