Displaying items by tag: Trojan

App Stores have been around for a while and pretty much everyone has one. Although they started off in the mobile device world, they quickly were bolted on to the other areas. As their usage has grown attackers have found them to be a very valuable resource as well. We have seen poisoned apps across just about every platform and the sophistication of them is increasing as well.

Microsoft’s Threat Intelligence team has recently disclosed their discovery and analysis of a new malware family. The malware in question is being tracked as a Trojan named UpdateAgent. The team has been watching as it progressed from a simple information stealer for the macOS to much more sophisticated capabilities including being able to bypass the macOS Gatekeeper security function.

The Russian team from Dr. Web today announced they have spotted a new Trojan for Android, which they named Android, well TheAndroid.DDoS.1.origin. It's not clear how the Trojan spreads - it is assumed that the authors use social engineering; affected users thought that they were installing legitimate software from Google on their smartphones. This is a very common tactic in the relatively open Google Play store and has been one of the problems that both Apple and Microsoft have used against Google in their battle for smartphone supremacy.

It is no longer a secret that along with the development of operating systems for smart phones, viruses, hacks and other malicious software for them is also developed. We could almost say that the viruses from the computer are moving to mobiles. One of the latest pieces of malicious software that was detected by specialists from CA Technologies is a Trojan horse that is able to record all your phone calls and store them on hacker’s servers.

There is trouble in the Google Play Store as someone (Symantec) has discovered a Trojan downloader application that appears to be rather prevalent in the form applications masquerading as different applications (two of the most downloaded were Mario Brothers and GTA 3 Moscow City). The new malware appears to be concentrating on the Eastern European area right now as it utilizes premium SMS services that are tied to specific regions using certain numbers.

Once upon a time Apple’s CEO and PR department constructed a mythology around the computers and devices that they sold. This mythology was needed to compete in the market and at the time was very good for business (even if it was less than honest). The mythology in question was that Apple products were somehow manufactured differently (or better) and that they were unable to become infected with malicious code that we all have come to know and loathe; the computer virus.

Not that long after Windows XP hit the market a very handy little flaw was found (one of many) that would be the start of a great love/hate relationship with this OS. Even today with Windows XP holding a only a little more than 50% of the PC market the venerable OS accounts for more than 60% of rootkits and something like 80% of the known malware and viruses. What does this have to do with mobile phones? Well is goes something like this; when you buy a mobile phone it comes preinstalled with the OS (usually some derivative of Linux). This OS allows you to setup some rather weak security (a reversible password for screen access). However underneath there are usually two accounts that everything runs on. There is the root account which is the master admin account and has rights to do just about anything. Then there is a mobile user account. This is the account that the UI and all applications run under. The problem? Well every phone out there from each manufacturer uses the same passwords for each (this may actually differ a little between handsets depending on the manufacturer). Yup that is right, if I can guess or hack the root password on one phone; I know them all for that line.

This handy little flaw has been shown on Apple, HTC, Google, Samsung (and just about all Android Phones). Where this becomes important is during application installation. It is during that time that some installers will (or can) access the root account of the phone. If a piece of malware written for your phone OS does this then you can be in a world of trouble.

CA Technologies has been tracking a new brand of malware for the Android platform. It started off by just logging the details of incoming and outgoing calls, but now has moved into actually being able to record these calls and transmit them back to a central server. The days of just installing any app that catches your eye is gone (it never really should have existed anyway). Now more than every Smart Phone users need to be careful what they allow their apps to do. As an extra precaution grabbing a mobile security app like Lookout or Similar for that extra level of protection is a good idea. Just like XP what we think of as secure, turns out to be full of holes after all.

Source and picture CA Technologies

Discuss this in our Forum