[BLOG]: Beware the fake Google Play store that's actually ma


Post by CrimsonShade »


Cross-posted from Technically Motivated - Original Link. Techie Jinji and Crimsonshade are the same person.



Malware on Android is nothing new. In fact, stories about this very subject can be found on most major news websites or tech blogs on an irregular basis, perhaps approaching once a month if not more. Usually the malware is easy to identify with the right amount of attentiveness, with the wrong developer names, low-quality icons or badly written descriptions on the download page being a dead giveaway; and even if you're foolish enough to download these, the failure of the app to work, or unexpected behaviour while it's running, should usually grab attention. But what if the malware looks and acts like the official store where you buy the apps in the first place?



This is the latest threat to Android users, discovered by effective Russian security firm Doctor Web. Devices infected with the trojan, known as "Android.DDoS.1.origin", can be used for an array of malicious purposes, including spamming text messages and even DDoS attacks. Once installed, the app creates an icon that is an exact replica of the Google Play Store. Clicking it will still send you to the Store, but also activates the trojan, which runs silently in the background. The trojan will immediately try to connect to its Command and Control (C&C) server and, if it does, the server operators are sent the victim's phone number. From here, the virus can receive texts from its operators, which are intercepted so the phone isn't aware of their receipt, telling it what to do next. These instructions can include a request to start DDoSing, at which point the malware will spam a given target with quick bursts of data from the infected phone.



The DDoS attacks present a threat to the infected phone's user, who will find the data limits on their calling plans quickly used up unwittingly and criminally, and if enough phones attack the same location, it can also be bad for the receiving site, which may fail temporarily due to the sudden surge of traffic. Be careful out there!