A collection of components associated with Sandworm designed to enable remote access and exfiltrate information from Android phones.
- Infamous Chisel is a collection of components targeting Android devices.
- This malware is associated with Sandworm activity.
- It performs periodic scanning of files and network information for exfiltration.
- System and application configuration files are exfiltrated from an infected device.
- Infamous Chisel provides network backdoor access via a Tor (The Onion Router) hidden service and Secure Shell (SSH).
- Other capabilities include network monitoring, traffic collection, SSH access, network scanning and SCP file transfer.