A previously undocumented Android malware campaign has been observed leveraging money-lending apps to blackmail victims into paying up with personal information stolen from their devices.
Mobile security company Zimperium dubbed the activity MoneyMonger, pointing out the use of the cross-platform Flutter framework to develop the apps.
MoneyMonger “takes advantage of Flutter’s framework to obfuscate malicious features and complicate the detection of malicious activity by static analysis,” Zimperium researchers Fernando Sanchez, Alex Calleja , Matteo Favaro, and Gianluca Braga said in a report shared with The Hacker news.