IBM Security X-Force calls ITG18, which overlaps with the group known as Charming Kitten. The latest: a custom Android backdoor dubbed LittleLooter is used exclusively by the threat actor, researchers say. LittleLooter is a modified version of Android malware reported by third-party researchers several years ago. The malware is functionally rich, researchers said, providing it with the ability to pull off a long list of stunts on an infected Android device. The group’s training videos were probably not only exfiltrated over 4 hours but also included 4 hours of data.
Source: https://threatpost.com/black-hat-charming-kitten-opsec-goofs-training-videos/168394/