KakaoTalk

Cyber Threats

Instant messaging apps are battling it out and trying to become the next popular means of communication that people will use. For example, in Japan, both Line and KakaoTalk - two popular chat apps - both claim to have more than 100 million users in Japan.It shouldn't be a surprise that cybercriminals are using the names of these apps for their own attacks; in this post we'll show how KakaoTalk is being targeted by attackers. (However, let's be clear that KakaoTalk is

KakaoTalk is a fast & multifaceted messaging app. Send messages, photos, videos, voice notes and your location for free. Make chatting extra fun with an array of emoticons and sticker collections. KakaoTalk is a South Korean messaging app with similarities to other regional messaging apps. Kakao has a digital wallet service called Kakao Pay similar to WeChat and has featured characters called Kakao Friend similar to LINE. The KakaoTalk app has four main panels called Friends, Chats, Find, and More.

notKakaoTalk being the only brand targeted; other brands and apps are also targets as well.) Users need to understand the threats posed by these malicious apps.First example: Trojanized AppOne common way to create malicious apps is to take a legitimate version of the app and add malicious code to it. This creates a Trojanized app which, to the user, can appear to be normal. However, it actually contains malicious code.This particular Trojanized version of KakaoTalk is detected as ANDROIDOS_ANALITYFTP.A, and was distributed via email. If one examines the details of the app, one can see the differences between the legitimate app and the modified one:

Table 1: Differences between legitimate and Trojanized versions

In addition, when we examine the permissions used by the app, it's worth noting that the Trojanized app asks for more permissions than the legitimate app.

Figure 1: Permissions of 'ANDROIDOS_ANALITYFTP.A'

ANDROIDOS_ANALITYFTP.A seems to be a Trojanized app that can be used by eavesdroppers. This app regularly sends out contact information, text messages, and some phone settings to a command-and-control server from where the attacker can retrieve it.This process of Trojanizing is made easier because most Android apps are written using the Java programming language. Unless steps are taken to obfuscate it, the source code of any Java app is relatively easy to obtain; the attacker can then add or modify the code to introduce malicious behavior into the app.Second example: Fake appAside from Trojanized apps, fake apps have used KakaoTalk's name as well. About a month ago, KakaoTalk warned users via their official Twitter account of a “KakaoTalk Security Plugin”:

Figure 2: Twitter alert from KakaoTalk

We detect the fake security as ANDROIDOS_FAKEKKAO.A. Many users have fallen victim to this not just because it uses KakaoTalk's brand, but also because it uses “Security” in its name as well.What does this malicious app do when it's installed? It reads the user's contacts and uses the phone's text messaging feature to send messages to all contacts. Because of this, it is quite easy to notice that something has gone wrong with their device.What's most interesting about this fake app, however, was how it was distributed. The attackers used a hacked Google Play developer account to distribute a redirector app:

Figure 3: Redirector appHdhomerun.com.

This redirector app contained ads that led to a variety of apps - including the fake security plugin. By doing it this way, the attacker was attempting to avoid scanners like Google's integrated Bouncer service.Best PracticesThe best way to protect against these threats is to avoid downloading apps from outside of Google Play - a tip we mentioned earlier when talking about the recent Android security vulnerability. Apps arriving from outside the somewhat curated Google Play store have frequently been a source of security problems for Android devices. Even then, users should check the developer of the app they're downloading, as well as any reviews, to verify that they are downloading legitimate apps.On-device security solutions (like Trend Micro Mobile Security) detect even threats which arrive outside of authorized app stores, providing an additional layer of protection.Developers, meanwhile, need to seriously consider the possibility that their apps can be Trojanized and used for malicious purposes. They need to consider putting in place the necessary defenses: obfuscation (to make analysis and Trojanizing of their apps harder) and code integrity monitoring (to ensure that alerts are raised if/when the app's code is modified and run). In addition, if the app can be built in such a way that sensitive information is handled online - so that stealing information becomes more difficult - it would also help make apps more secure and resistant to these attacks.
  • 39 references 28 Confirmed & Positive
  • Fluent in Dutch, English; learning Korean
  • 41, Male
  • Member since 2015
  • Medical Doctor
  • medicine
  • From Amsterdam, North Holland, Netherlands
  • Profile 100% complete

A frequent traveler from Netherlands, based in Seoul (12+ years~)
Social, friendly ~,Like to meet, talk, listen and have fun~
Consultant in pharmaceutical industry, Own an startup in Seoul~

Why I’m on Couchsurfing

Like to meet interesting people from different cultures and countries~
Prefer to host optimistic, happy people with positive attitude and open mind.
Travelers with good stories, Artists with talents, Entrepreneurs, students with big dreams, people with humor and good spirit, eaters and drinkers are welcome.

Travelers looking for a free bed are not my choice!

Interests

meeting interesting people, spending quality time and having fun~, sometimes drawing, attending festivals and music concerts, frequently traveling
Eating Korean food and drinking wine and Beer ~
I am the admin and moderator of Seoul Couchsurfing chatroom. If you have Kakaotalk app, You can join the chatroom.

  • wildlife
  • culture
  • wine
  • movies
  • traveling
  • music
  • food
  • talking
  • roadtrips

Music, Movies, and Books

Classics, hip hop. EDM, 70s, 80s, Korean! Romantic, comedies, stories ; dramas

One Amazing Thing I’ve Done

Driving an old car from Amsterdam to Sardinea~
Scenic route (A1) drive in California from LA to SF~
One week stay in an amazing health retreat tree hut in Ubud, Bali~
Tracking leopards in Sri Lanka~
Desert safari in Dubai and Oman~
Chilling week in Boracay~
Driving around south Island of NZ~ Feb 2015
Baloon flight in Cappadoccia, Turkey~ Feb 2016
5000 Km road trip in 10 days in BC and Alberta - May 2016
Visiting Sun and Moon pyramids in Mexico
Road trip Amsterdam to Poland - 2016
City Hopping in north Spain, including Bilbao, Burgos, Santiago de compostela, Leon, Santander and more.. - 2016
Driving 7000 Km in Australia South and east, from great ocean road to Melbourne, Canberra, Sydney, Brisbane, Cairns and all the way up to Port Douglas - Dec 2016 - Jan 2017
Sandboarding in Peru - ( 18 days round trip to Inca and Nasca lines, Cusco, Machu Pichchu) - Aug / Sep 2017
Floating in dead sea - (round trip in Israel - Feb 2018)
Road trip Amsterdam to Ravello, Italy - Sep 2018~ (via Como, Sirmione, Bologna, Florence, Sienna, Maiori and Amalfi Coast)
Following the foot steps of Marco Polo along the ancient Silk Route from Tbilisi Georgia to Beijing via Armenia, Iran, Turkmenistan, Uzbekistan, Kazakhstan and Kyrgyzstan - May - July 2019
Staying in Nomad Yurt Camps in Song-Kul Lake, Kyrgyzstan - July 2019
Driving around in Oman dessert in the middel of a sand storm (very scary) - August 2019

Teach, Learn, Share

Tourist and travel information Korea/Travel
Listen to your travel/life stories
I work only few hours a day. I can spend time with you, happy to show you around in Seoul and can introduce you to my friends.

What I Can Share with Hosts

Private guest room in Seoul city center ~,
food/drinks,
Fun, laugh, joy, stories listening and sharing ~
Large collection of movies / books, boardgames
TV and Netflix
Wi-Fi

Countries I’ve Visited

Kakaotalk Characters

KakaoTalk

Armenia, Australia, Austria, Belgium, Brazil, Cambodia, Canada, China, Czech Republic, Denmark, England, Finland, France, Georgia, Germany, Greece, Hong Kong, India, Indonesia, Iran, Israel, Italy, Japan, Kazakhstan, Kyrgyzstan, Malaysia, Maldives, Malta, Mexico, Netherlands, New Zealand, Norway, Oman, Peru, Philippines, Poland, Portugal, Qatar, Scotland, Singapore, Slovenia, South Africa, South Korea, Spain, Sri Lanka, Sweden, Switzerland, Taiwan, Thailand, Turkey, Turkmenistan, United Arab Emirates, United Kingdom, United States, Uzbekistan, Vatican City State, Viet Nam, Wales

Countries I’ve Lived In

Kakaotalk Download For Laptop

Netherlands, South Korea, Sri Lanka