Uprooting Mandrake: The Story of an Advanced Android Spyware Framework That Went Undetected for 4 Years
released on 2020-05-15 @ 03:00:56 PM
In early 2020, Bitdefender identified a new, highly sophisticated Android espionage platform that had been active in the wild for at least 4 years. Bitdefender named the threat Mandrake because the actor(s) behind it used names of toxic plants, or other botanical references, for major development branches, e.g. briar, ricinus or Nerium. Only recently did the threat actor change its name to darkmatter.
The actors behind Mandrake are primarily targeting Australia, Canada, the United States, and Europe.