The affected devices include Android smartphones, watches, TVs, and TV boxes.
The Lemon Group, a significant cybercrime organisation, has allegedly installed malware called ‘Guerilla’ on nearly 9 million (8.9 million to be exact) Android devices, including smartphones, watches, TVs, and TV boxes across the world, claims a new Trend Micro report. The malware is utilised by scammers to perform various malicious activities such as loading additional payloads, intercepting one-time passwords from SMS, setting up a reverse proxy from the infected device, hijacking WhatsApp sessions, and other similar actions.
The research, recently shown at the BlackHat Asia conference in Singapore, describes how these devices were infected, what malicious plug-ins were used, and how the groups work together.
The top 10 countries that are affected due to the Guerrilla malware are India, Argentina, Angola, Indonesia, Mexico, Philippines, Russia, South Africa, Thailand, and the US.
Guerrilla malware on 8.9 million Android devices
Analysts found the huge criminal operation, and some of the infrastructure of the attackers matches with that of the 2016 Triada trojan operation. Triada was a banking trojan that was found on 42 Android phone models from cheap Chinese brands that sell their goods all over the world.
