
Malware Profile Updated 3 months ago
FastViewer, also known as Fastfire or Fastspy DEX, is malware associated with the Kimsuky hacker group. It is designed to exploit and damage Android devices, potentially leading to significant data breaches and privacy violations. FastViewer is categorized as a Remote Access Trojan (RAT), enabling its operators to perform a variety of harmful actions such as creating, deleting, or stealing files, retrieving contacts, making calls, sending text messages, turning on the camera, logging keystrokes, and more.

The Kimsuky hacker group has been distributing this malware through a Google Play feature called "internal testing," which allows third-party developers to distribute their apps to a select group of trusted testers. This distribution method suggests a calculated and stealthy approach to spreading the malware, making it more difficult for unsuspecting users to protect themselves. Recent attacks by the group indicate that it has expanded its activities to include other Android malware strains like FastFire, FastSpy, FastViewer, and RambleOn.

In response to the threat posed by FastViewer and similar malware, users are advised to take precautionary measures such as installing reputable Android antivirus apps and enabling Google Play Protect on their smartphones. These measures can help detect and remove harmful software, providing a layer of defense against these threats. Vigilance in downloading and using apps, especially those from third-party developers, remains critical.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID  Votes  Profile Description
RambleOn is a newer version of the ROKRAT malware, specifically designed for Android devices. ROKRAT, also known as DOGCALL, has been a favored tool of cyber attackers and has evolved over time to be compatible with various platforms including macOS (CloudMensis) and Android (RambleOn). This demonst
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
ID  Type  Votes  Profile Description
No associations to display
Associated Threat Actors
ID  Type  Votes  Profile Description
Kimsuky is a North Korea-linked advanced persistent threat (APT) group that conducts global cyber-attacks to gather intelligence for the North Korean government. The group has been identified as a significant threat actor, executing actions with malicious intent, and has recently targeted victims vi
Associated Vulnerabilities
ID  Type  Votes  Profile Description
No associations to display
Source Document References
Information about the Fastviewer Malware was read from the documents corpus below.
a year ago
Hackers are stealing Gmail messages — delete this extension right now | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker – National Cyber Security Consulting
a year ago
German and South Korean Agencies Warn of Kimsuky’s Expanding Cyber Attack Tactics | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware – National Cyber Security Consulting