The issue with smartphones and malware has been as long as the conception of the device itself, and even predates the device’s actual creation. Adding to this ongoing drama is yet another malware that takes the form of both spyware and malware simultaneously, referred to as “Goontact.”
As spyware, Goontact gathers affected users’ personal information and data, such as SMS, contacts, and photos, illicitly, if installed. Reportedly, the malware seems to target victims from within the East Asian region, particularly China, Japan, and Korea, often as a result of incidentally visiting shady websites.
- Ransomware OSX.ThiefQuest targets macOS users using pirated apps
- How to get rid of malware from your Android smartphone
Upon luring unwitting victims into an illicit website, Goontact then performs its function as ransomware by duping the target into installing applications that, if complied upon, will not only leak the users’ information but also exposes the compromised target to a blackmail, i.e., ransomware.
Of interest in the overall scheme is the idea that the malware employs certificates from legitimate companies, raising questions as to how the perpetrators managed to get a hand on them.
Aware of the incident, Apple is already taking action in revoking certificates that were identified as being used with the hack.
Meantime, users are being encouraged to apply due vigilance when using their smart devices to prevent falling victim to an insidious scheme.