New Android Malware Worm catched by ESET - BestCyberNews: Online News Presenter in the present world

BestCyberNews: Online News Presenter in the present world

Start knowing

Breaking

Home Android Cyber Alerts Cyber Attacks Cyber News Cyber Security Malware New Android Malware Worm catched by ESET

New Android Malware Worm catched by ESET

New piece of Android malware has been spotted this week. The threat, detected by ESET security products as Android/Samsapo.A, uses a technique typical of computer worms to spread itself.

 The main characteristic feature of any computer worm is that it uses a more-or-less automated mechanism for spreading and finding new victims.

The “more automated kinds” are able to crawl networks and infect vulnerable hosts, whereas the more common types usually spread either as email attachments, through removable media or through URL links in emails, IM or Facebook messages.

 These types of worms also rely on social engineering to convince the user to click on the link and run the malware. Android/Samsapo.A also falls into this category, when running on an Android device, it will send an SMS message with text “Это твои фото?” and a link to the malicious APK package to all of the user’s contacts. As mentioned above, this technique wouldn't raise an eyebrow on Windows, but is rather novel on Android.

Few days earlier Fake Antivirus named “Virus Shield” on Google Play Store fools thousands of users and Google paid the refund to clients.

Here are a few additional details about the threat:
  • It tries to appear as a system utility (the package name is “com.android.tools.system v1.0″)
  • Has no GUI and no icon in the application drawer
  • Acts as a downloader: can download additional (malicious) files from specified URLs
  • Acts as spyware: can upload personal information from the device, including phone numbers and text messages, to a remote server
  • Acts as an SMS-trojan: register the phone number into a premium-rate service
  • Can block phone calls
  • Can modify alarm settings
The worm is targeted mostly against Russian Android users. We will keep you posted when the threat evolves or spreads to other regions. Users can protect themselves effectively if they:
  • Restrict the installation of applications from unknown source
  • Stay alert and don’t fall for common social engineering tricks
  • Use an updated anti-malware solution on their Android device
Author Venkatesh Yalagandula Follow us Google + and Facebook and Twitter

Tags
Author Image

Labels: , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)