Wednesday, June 12, 2013

Android malware spreads via Bluetooth and steals codes ... - Techworld

John P. Mello Jr., CSO / USA

Experts also identified other malicious code that is delivered through a mobile upgrade and steals banking codes sent by SMS

Security researchers have identified two new types of threats for Android: a Trojan horse that spreads via Bluetooth, and other malware that is delivered through a mobile upgrade and steals banking codes sent by SMS.

“Backdoor.AndroidOS.Obad.a” was recently discovered by Kaspersky Lab in an Android app. The malware is a multifunctional Trojan horse: it can send SMS messages to premium numbers, download malware and infect other devices via Bluetooth.

After receiving a command from a server operated by a cyber criminal, the malicious code checks for nearby devices, opens Bluetooth connections and tries to send an arbitrary application, Kaspersky Lab specialist Roman Unuchek explained on the company blog.

When Bluetooth was introduced, there was some experimenting with using it to infect machines, but nothing like what Kaspersky found. “It’s something we have not seen before in Bluetooth, except in a proof of concept,” said Ken Baylor, vice president of research for NSS Labs, in an interview, “and I never saw this in an implementation for Android.”

The Obad backdoor is one of the most complex pieces of malware ever seen on Android and rivals malware written for Windows PCs. “Backdoor.AndroidOS.Obad.a is closer to malware for Windows than to other Trojans for Android, in terms of complexity and the number of novel vulnerabilities it exploits,” wrote Unuchek.

“Malware writers usually try to make the code in their creations as complicated as possible to make life difficult for malware experts,” he added. “However, it is rare to see an occultation as advanced as that of Obad.a.”

Despite that complexity, Obad's added sophistication does not seem to make the Trojan highly contagious. “Despite these impressive capabilities, Backdoor.AndroidOS.Obad.a is not very widespread,” wrote Unuchek. “Over an observation period of three days using data from Kaspersky Security Network, Obad.a installation attempts did not exceed 0.15% of all attempts to infect mobile devices with various malware.”

Another threat

Obad's kind of complexity was not built into the new add-on for the banking Trojan Bugat, discovered by researchers at RSA. The add-on, called BitMo, hijacks the security codes that banks send to customers via SMS to authenticate their identities.

“It is a simple sender of SMS,” said RSA cybercrime expert Limor Kessem in an interview. “There is a ‘cheater’. It asks for permissions like any other application.”

What is interesting about the malware is how its authors lead people to download it. Victims are persuaded, through a notification, that they need malware protection and are asked to provide their phone number and the type of platform. They are then asked to download the malware.

Once installed on the smartphone, the malicious app operates in the background, monitoring SMS messages. If it identifies any message that contains a bank code, it hides that message from the owner of the phone and sends it to the cracker.
