Researchers from Bitdefender have shared a detailed white paper on their findings regarding the Mandrake Android malware. Reportedly, the malware, dubbed Mandrake, has been active in the wild for at least the past 4 years.
During all this time, the malware remained undetected, only to be caught by Bitdefender in early 2020. Briefly, the malware worked as smart spyware targeting users via phishing campaigns and fake apps.
The researchers noticed at least two major infection waves – between 2016 and 2017, and then between 2018 and 2020. While the first wave involved a malware strain with reduced malicious functionalities, the second wave involved a smarter malware version.