ExTS Admin Starbuck Posted April 3, 2018 ExTS Admin Posted April 3, 2018 Security company warns of new Android malware in the wild Android devices are being targeted by a new form of malware that is specifically aimed at stealing private conversations on IM applications like Facebook Messenger, Skype, Telegram, Twitter, Viber, and others. The malware, which was detected by Trustlook (via FossBytes), has the capabilities to modify the “/system/etc/install-recovery.sh” file in order to start at every boot, thus making sure that it can extract instant messaging data even if the device is restarted. The first infected application is called Cloud Module and is spreading in China as package name com.android.boxa. It hasn’t yet reached the Google Play Store, and most likely the malware is supposed to target devices using non-store distribution tactics, such as email and downloads from third-party hosting sites. Chats uploaded to remote server In other words, Android users who only install apps from the Google Play store should be safe. While Android security solutions could detect the Trojan, Trustlook warns that the malware was designed to avoid detection, including anti-emulator and debugger detection techniques that make it possible to bypass dynamic analysis. “Code obfuscation/hiding increases the malware author’s ability to avoid detection and becomes a sophisticated challenge to anti-virus software,” Trustlook notes in its analysis Once the malware manages to compromise an Android device, it automatically looks for conversations in the said applications. The data is extracted and then sent to a remote server. The security vendor says the server’s IP address is mentioned in the malware configuration file, allowing the Trojan to operate without any further command send by the author. The full list of instant messaging apps that are being targeted by the malware is available below, and keep in mind that as long as you stick with legitimate download sources for Android apps, this new form of malware is highly unlikely to compromise your device. Also, if you’re running third-party security software, updating it should help block any possible intrusion. Source: New Android Virus Extracts Your Facebook, Skype, Telegram Messages Quote Member of:UNITE
ExTS Admin AWS Posted April 3, 2018 ExTS Admin Posted April 3, 2018 I am seeing a trend where hackers are leaving Microsoft alone for the most part and spending that time on the most popular phone OS. Quote Need computer support? Then why not join Free PC Help. Register here We are members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs.
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.