New ‘Perseus’ Android malware checks user notes for secrets
Summary
A new Android malware strain, dubbed Perseus, has been discovered that actively searches user-created notes for sensitive information, including credentials such as passwords, cryptocurrency recovery phrases, and financial data. It poses a significant risk to user privacy and security.
IFF Assessment
FOE
This is bad news for defenders as it represents a new malware strain actively targeting sensitive user data stored in notes on Android devices.
Defender Context
Defenders should be aware of this new malware's capabilities and educate users about the risks of storing sensitive information in plain-text notes. Monitoring for unusual network activity or data exfiltration from mobile devices could help detect infections.