Sunday, April 9, 2017

Mobile spyware that steals Twitter credentials uses a sandbox to evade antivirus detection

Security experts from Avast came across malware that uses a sandbox (DroidPlugin) to dynamically load and run an app without actually installing it, just like VirtualApp.
This makes it harder for antivirus solutions to recognize the malware, as its malicious parts are not stored in the host application.
The malware is spread through evergreen social engineering tactics, and its goal is to steal the user's Twitter credentials.
Avast said the malware masks itself as Wandoujia, a well-known Android application store in China.
Interestingly, the malware developer filed an issue with DroidPlugin to report an out-of-memory problem around the time the new variant was released.
