A new Android malware named ‘FireScam’ is being distributed as a premium version of the Telegram app via phishing websites on GitHub that mimick the RuStore, Russia’s app market for mobile devices. FireScam establishes communication with a Firebase Realtime Database where it uploads stolen data in real-time and registers the compromised device with unique identifiers, for tracking purposes. The malware also opens a persistent WebSocket connection with the Firebase C2 endpoint for real-time command execution like requesting specific data, triggering immediate uploads to the Firebase database, downloading and executing additional payloads, or adjusting the surveillance parameters. How do you protect yourself againt the FireScam Malware ?
Previous Article
Microsoft data centersNext Article
Investing in Quantum Stocks