Malware or malicious programs that target Android devices typically utilize social engineering and a false application to spread itself.
However, it later emerged a trojan that infects a PC and can " infect " Android gadget connected to the PC. It is somewhat unique because it has never encountered before.
The existence of a malicious program called Trojan.Droidpak was revealed by security firm Symantec reports.
" Previously we have ever come across Android malware targeting Windows systems... to insert the autorun.inf files on micro - SD, " said Symantec researcher Flora Liu, as quoted by PC World.
" But this time we find the opposite, namely that the Windows malware trying to infect Android devices, " said Liu.
Trojan.Droidpak first nested on a Windows PC to create a DLL file and registers her new service in order to stay active in the memory even if the computer has re - booted. He then download the APK file to be installed discreetly to your Android device connected to the PC in question.
This can be done when connected gadgets running Android USB Debugging mode. The mode generally used by application developers or users who will do the rooting.
The malware then make a false application on Google Play Store infected gadgets, complete with the same icon with the Google app store, but the name is slightly different, ie " Google App Store ".
Symantec also found that the malware is looking for certain online banking applications from South Korea, and then attempt to remove and replace it with another version that is already infected.
Trojan.Droidpak also intercept SMS messages sent from the device and sends it to the server control. From this, we can conclude the malware has a financial motive or purpose of stealing money.
Although the goal of targeting a particular country, do not rule out the possibility that other Android malware developers would emulate this new attack techniques.
To date, the method of transmission Trojan.Droidpak still has a weakness, which can only be run if the Android device to enable USB Debugging mode. Therefore Liu advises users to turn off the feature as a preventive measure.
However, it later emerged a trojan that infects a PC and can " infect " Android gadget connected to the PC. It is somewhat unique because it has never encountered before.
The existence of a malicious program called Trojan.Droidpak was revealed by security firm Symantec reports.
" Previously we have ever come across Android malware targeting Windows systems... to insert the autorun.inf files on micro - SD, " said Symantec researcher Flora Liu, as quoted by PC World.
" But this time we find the opposite, namely that the Windows malware trying to infect Android devices, " said Liu.
Trojan.Droidpak first nested on a Windows PC to create a DLL file and registers her new service in order to stay active in the memory even if the computer has re - booted. He then download the APK file to be installed discreetly to your Android device connected to the PC in question.
This can be done when connected gadgets running Android USB Debugging mode. The mode generally used by application developers or users who will do the rooting.
The malware then make a false application on Google Play Store infected gadgets, complete with the same icon with the Google app store, but the name is slightly different, ie " Google App Store ".
Symantec also found that the malware is looking for certain online banking applications from South Korea, and then attempt to remove and replace it with another version that is already infected.
Trojan.Droidpak also intercept SMS messages sent from the device and sends it to the server control. From this, we can conclude the malware has a financial motive or purpose of stealing money.
Although the goal of targeting a particular country, do not rule out the possibility that other Android malware developers would emulate this new attack techniques.
To date, the method of transmission Trojan.Droidpak still has a weakness, which can only be run if the Android device to enable USB Debugging mode. Therefore Liu advises users to turn off the feature as a preventive measure.
No comments:
Post a Comment
Terima kasih sudah berkomentar. Kunjungi juga Indobengkel.com