This is based on research conducted by security company McAfee. According to McAfee, a North Korean hacker group known as Sun Team has recently uploaded three apps to Google Play.
These applications are used to spy on those who defect from North Korea to other countries. Hackers contact people through Facebook in an effort to lure them to install food-related apps and security that have not been released yet.
Unfortunately, when installed, the malicious app actually sends contacts, photos, and user SMS to the hacker. The data and orders are sent using Russian Dropbox and Yandex services.
The campaign called RedDawn is not the first time run by Sun Team. McAfee discovered similar things in January 2018. The effort requires a download process from outside Google Play.
