Symantec announced on Thursday (23) the discovery of a new Windows-based malware, whose purpose is to infect devices that feature the Android operating system. Call Trojan.Droidpak, the infection looks for devices connected to the PC to make the infection.
Protect your Android from viruses, malware, spyware and trojans
infection masquerades as Google App Store (Photo: Playback / Symantec)
Droidpak works by registering a malicious DLL as a system service, by downloading a configuration file from a remote server. Then it parses this file to download an APK to your computer and, if necessary, tools that allow this action, as the Android Debug Bridge (ADB). The APK is saved locally% Windir% CrainingApkConfig AV-cdk.apk.
Once installed, the malware tries to place the apk on any Android device that connects to the computer. When it detects a target, the virus repeats the installation until the infection is confirmed, which requires that the USB debugging mode is enabled on the device.
APK installed is a variation of Android.Fakebank.B and appears as an application from App Store, but your goal is to find Korean banks online applications and prompts users to erase and install in its place malicious versions. Moreover, the Fakebank intercepts SMS messages, sending a copy to a website.
To avoid infection, Symantec recommends that users turn off USB mode debugging Android, avoid connecting it to untrusted computers and install reliable security software.
What is the best mobile browser for Android? See in TechTudo Forum.
No comments:
Post a Comment