Researchers have discovered a previously undocumented Android dropper, dubbed BugDrop, that’s still under development.
Recently, researchers from ThreatFabric discovered a previously undetected Android dropper, dubbed BugDrop, which is under active development and was designed to bypass security features that will be implemented in the next release of the Google OS.
The experts noticed something unusual in the latest sample of the malware family Xenomorph, it was an improved version of the threat that included RAT capabilities by using “Runtime modules”. The Runtime modules allow the malware to perform gestures, touches, and other operations.
The new version of Xenomorph was dropped by the BugDrop malware which is able to defeat security measures that Google will introduce to prevent malware requesting Accessibility Services privileges from victims.
The dropper was developed by a cybercriminal group known as Hadoken Security, which is the same threat actor that is behind Xenomorph and Gymdrop Android malware.
