Charger

Charger is Android malware that steals steals contacts and SMS messages from the user's device. It can also lock the device and demand ransom payment if it receives admin permissions. [1]

ID: S0323
Type: MALWARE
Platforms: Android
Version: 1.1

Techniques Used

Domain ID Name Use
Mobile T1432 Access Contact List

Charger steals contacts from the victim user's device.[1]

Mobile T1446 Device Lockout

Charger locks the device if it is granted admin permissions, displaying a message demanding a ransom payment.[1]

Mobile T1430 Location Tracking

Charger checks the local settings of the device and does not run its malicious logic if the device is located in Ukraine, Russia, or Belarus.[1]

Mobile T1406 Obfuscated Files or Information

Charger encodes strings into binary arrays to make it difficult to inspect them. It also loads code from encrypted resources dynamically and includes meaningless commands that mask the actual commands passing through.[1]

References