A new threat has emerged on the horizon in the form of Mandrake—an Android Malware in 2024 targeting users android devices worldwide.
First discovered by the cyber security firm Bitdefender in 2020, the malware disguised itself in astronomy and cryptocurrency apps.
According to Kaspersky, Mandrake sneaked into five Google Play apps – AirFS, Astro Explorer, Amber, Cryptopulsing, and Brain Matrix.
This Android malware in Play Store potentially exposes many Android devices to Mandrake because of high number of installations by users.
While the apps have been reportedly removed from the Google Play Store, it certainly raises alert for Android phone users, considering its ability to escape each time with newer versions.
These apps were available on Google Play Store with more than 32,000 downloads.
Even more concerning is the fact that the malware remained undetected for almost 2 years, making many Android devices susceptible to harboring this spyware much before the removal of apps from the Play Store.
Researchers have analyzed that the new samples create serious evasion complications.
This is done by moving malicious functionality to obfuscated native libraries, using certificate pinning for C2 communications, and performing a wide array of tests to check if Mandrake was running on a rooted device.
Now, let’s find out what Spyware Mandrake on android phones is and how you can protect your phone from this threat.
What is Spyware Mandrake on Android Phones?
Spyware Mandrake is a highly sophisticated and potentially the most dangerous Android malware so far. Not to mention, it’s highly evasive in nature as well.
As is the nature of any spyware, Mandrake is also designed to infiltrate devices and steal sensitive information.
Unlike many other types of malwares that rely on simple mechanisms to execute their payloads, the app functions in three stages – dropper, the loader, and core stage.
It often disguises itself in the form of legitimate apps that makes it difficult for users to recognize the threat.
The phone infected with malware, Mandrake, can do many malicious activities. It can steal your valuable credentials like password and banking details, records and monitors screen, record audio and file management.
What Happens If You Get Malware on Your Android Phone?
If your phone gets infected by Mandrake Android Malware in 2024, it can cause havoc in your device.
The most alerting part? In most cases, you won’t even realize it until it’s too late.
However, when you’re dealing with a Malware infection on your device, whether it’s Mandrake or any other type of malware such as Emotet, there’s often an urgent need to take immediate action.
Otherwise, your personal information like passwords and private communications can be compromised.
For that reason, one of the most common questions android users ask is how do I detect malware on my phone? Below, we’ll give you a detailed explanation on how to detect the spyware.
Is There Spyware Mandrake on My Android Phone?
Finding out if your phone is infected with Mandrake (the Android malware in Google Play Store) can be quite tricky due to its secretive nature.
However, there are several signs and symptoms by which you can find this out.
These include:
- unusual battery drain,
- increased data usage,
- unexpected behavior from installed apps,
- slow performance and app crashes.
If you see unfamiliar apps that you did not install or the device starts behaving erratically, it might be an indication of Mandrake spyware.
Now, let’s see how to remove malware in Android so that you can ward off any security risks that might arise due to the presence of malware in an android phone.
How to Detect Mandrake and Clean Your Device?
Detecting Mandrake on your android device requires the use of robust security tools and strict vigilance.
Because it’s so difficult to detect, the best course of action would be to avoid installing any random apps from Play Store.
First, keep Google Play Protect on which comes by default on Google Play app store.
Google Play Protect has the ability to block apps that show malicious activity and remove malware in android devices in the case of severe threats.
You can also install a reputable anti-malware app like Bitdefender or Norton mobile security that can scan and detect Mandrake’s presence. In fact, Bitdefender was also the first cybersecurity company to report about the spyware Mandrake.
Furthermore, pay attention to app permissions and avoid downloading apps from untrusted sources.
To clean your android device, you may need to perform a factory reset as a last resort, which will erase all data and restore the phone to its original state.
However, before doing this, back up important data to avoid loss. Reinstall apps from trusted sources after resetting the device and watch out if there’s still any unusual behavior in the device.
Google also provides some malware removal guidelines for Android phone users.
Mandrake-Android Malware 2024 represents a significant threat to Android users worldwide.
The stealthy nature of this spyware can make it quite challenging for users to detect this in the Play Store apps.
Keep an eye out for some of the obvious signs that show that your phone is infected with the new Android malware, Mandrake. These may include unusual battery drain, increased data usage, and unexpected behavior in your android phone operations.
Installing robust android antivirus, installing apps from trusted sources and activating Google Play Protect can prevent the spyware from infecting your device.