The secret lies in the effect of social engineering and multiplication, in how convinces the innocent user to install an app and get infected with something unknown, this technique is unique and was used by a Chinese student 19 years. With that he “only” managed to infect, in just 24 hours, 100 000 Android phones.
We know a technique that, although beaten, worked and became a pest.
HeartApp is presented as a totally harmless app that appeals to love, one app dating, but in your balance already takes 100 000 smartphones infected with malware. Spent 24 hours and programming skills this student allowed with a simple SMS sent to 99 initial contacts, could trigger a brutal attack. This SMS included a link to download the app, which supposedly people would install on your Android.
After the users click on the link and unload a “real” app useless, but that requests permissions to access data smartphone, permissions that normally people do not read, accept logo, the malware works in the background collecting data on the smartphone that will also be sent to the creator of the virus.
After downloading the first application, the user will be faced with another request, this time is to download an additional app, a sort of “resource pack”, with which the hacker can make the terminal a bot and can read your SMS, send and emulate false messages in the box entry.
When is a process chain. Within seconds the machines are sending SMS to your contacts and begin to infect people who supposedly are receiving reliable messages. After dd detected this scheme, the major Chinese operators have managed to block more than 20 million messages, almost nothing. But still there are such 100 000 infected smartphones.
The danger of downloading APK from unknown sources
But why is this all reaches these proportions? Well, basically because in China Google has its Play Store and Androids out there do not use the official online store with apps that are not reliable. Are downloaded APKs for apps, and so have activated the “Unknown sources” option.
Only in this way can such a situation and also because it appeals to the ingenuity of the people, a user who does not have notion of these consequences, of how a simple application can capture private data, plus the costs associated
Via
<-.! -> <- – border-bottom
<-
Filed in category:
->
No comments:
Post a Comment