Lorem ipsum dolor sit amet, consectetur Subtext
In early 2020 we identified a new, highly sophisticated Android espionage platform that had been active in the wild for at least 4 years. We named the threat Mandrake as the actor(s) behind it used names of toxic plants, or other botanical references, for major development branches: e.g. Briar, Ricinus or Nerium.
This whitepaper provides insight into how the malware operates, what its end goal was and how it successfully managed to stay undetected in an official app store for more than 4 years.