After numerous attempts to sabotage the Oct26 Driving Campaign online, by repeated hacking of sites/accounts as well as defacing of websites which included the official website for the campaign hxxp://www.Oct26driving.com twice in a span of a few days. Additional attempts to derail the movement are now coming to light. Hacker(s) not deterred by just the act of defacing sites have also created and released malware to spread their message. One such example is the discovery by McAfee Mobile Security of Android/HackDrive.
The malware was disguised as an app in support of the online campaign; even using the icon that has come to symbolize the movement of the Oct 26th Driving Campaign, but in reality was designed to spread the same hate propaganda that was placed on the hacked/defaced websites it was being distributed from.
On installation, the malware activates once a headset has been plugged in. Starting off by jamming the audio by repeatedly playing a predefined audio sequence, making it impossible to listen to anything else on the device or carry out a phone conversation; the threat also displays additional message in Arabic text similar to the messages used in the hacked website.
Curiously enough there were additional functionality traced out in the malicious code. The app had the capability to go through the contact database seeking names, phone numbers on an infected device; accompanying this was the ability to allow data to be posted to a remote website, but strangely even though code was there, the app did not actually call on the functionality. This begs the question, is this work in progress and will a later version having additional features.
On the surface the antics used in the app and the website defacing may seem juvenile but make no mistake, this is hate and prejudice manifested into an app. McAfee is closely monitoring the situation for further development and urge users to exercise precaution when attempting to download any software that is tied to any political or activist campaign.