Saturday, April 5, 2014

New Android malware may have infected millions of ... - PCGuia

According to a report from F-Secure published last year, over 97% of mobile malware was designed to attack devices that use the Android operating system. However, the actual infection rate is surprisingly low in some parts of the world and very high in others, such as China or Russia. The reason lies in the Android versions used on cheaper devices, which are usually based on the Android Open Source Platform (AOSP), so their makers do not pay royalties to Google to use the services associated with the operating system, such as the Google Play Store. This in turn means that users of these devices rely on app stores or repositories that are not as tightly controlled as Google's store, and so end up installing applications that infect their equipment.

F-Secure Threats in 2013

Mobile threats, 2000-2013. Source: F-Secure

However, the website The Hacker News reports that a new type of Android malware was recently detected that can even evade Google's monitoring mechanisms and may therefore already be installed on millions of devices worldwide.

Rate of infection Android 2013

Infection rates by country. Source: F-Secure

This new malware family is called Oldboot, and it was designed to re-infect mobile devices even after they have been cleaned with antivirus software. Oldboot is what is called a bootkit because it alters the partition and boot file of infected devices. These changes activate a service that extracts and installs the malware itself in the early stages of the boot process.

There are a few variants of this bootkit, with differing abilities to remain completely invisible to antivirus software. One of the most aggressive variants is the Oldboot.B Android bootkit, which can install malicious applications in the background, inject malicious software modules into system processes, prevent antivirus applications from removing infected apps, change the browser's homepage, and even remove or disable antivirus apps that you install to try to resolve the situation. This malware is able to execute code that comes hidden in image files.

According to the website The Hacker News, Security 360 has a tool (site in Chinese) that can detect and remove this malware.

To prevent infections, users should always install their apps from Google's official store or from trusted stores.

Via BGR, The Hacker News


