Friday, October 9, 2015

Android malware is starting to resemble Windows viruses – Computerworld.nl

The virulent variant of a piece of adware appears in alternative app stores. Many AOSP users fall back on those (something you sometimes saw earlier in the Netherlands too, when Toshiba released a tablet without Android Market), so malware usually emerges mostly outside Europe. But this time security firm FireEye also sees infections in countries such as France, England and Denmark.

FireEye notes that versions of the apps were available in Google Play (with more than 100,000 downloads), but these were bare adware versions without the elements that make it really dangerous. These sanitized versions circumvent Google's virtualized test environment, Bouncer.

The security company indicates that, once installed, the apps can bring in malware elements through updates. Judging from captured communication with the C&C, that does not seem to have happened. Understandably, because if the apps were modified in such a way, Google could quickly get wind of it.



Ancient tricks of the PC era

Advanced malware tries precisely to stay unnoticed for longer. Last year it became clear that malware uses obfuscation tricks to go unnoticed, or spreads through attached Windows PCs. The current malware disables antivirus apps, hides itself and triggers several kernel exploits to gain extensive control over the device.

The days of bulky mobile malware are now clearly behind us. As happened back then with the development of Windows malware, the authors focus on the most widely used mobile platform. The interesting thing about this malware is that it combines a lot of tricks to infect a large audience and avoid detection.



Android tricky target

The Linux kernel with its permission system makes Android a more difficult target to conquer. We previously described the three obstacles that must be overcome to make Android malware really effective, and this is the first: automated exploits. This malware, with different root exploits for specific devices and kernel-level exploits, shows that work on this is under way.

It also threatens the second, more fundamental obstacle standing in the way: the sandbox. Apps basically cannot get at each other's data; you have to grant explicit permissions for that, including to malware. That can be done with a bit of social engineering, but an attacker would much rather have it happen automatically. Malware with root privileges can make kernel-level changes, and then you as a user are in real trouble.



Distribution

That leaves the third obstacle, which is the distribution mechanism. Bouncer is not watertight, but so far it keeps a lot of misery out the door. Malware that slips in is removed from Google Play as soon as it is noticed, for example by app verification in Google Play Services. Google does not have a comprehensive inspection process, which keeps the threshold low for developers to publish an app or release an iteration. That makes it open and accessible, but also more vulnerable.

The challenge for Google lies in rolling out patches for critical holes. Take the bug in the multimedia engine Stagefright, through which attackers can acquire deep rights on the system. There are still many devices in circulation, including phones from big names, that are vulnerable to a Stagefright exploit.

Sleep peacefully

For now, the already proven advice works best: make sure that updates are installed and do not casually install APKs from unknown sources. That does not mean we are immediately safe from junk. The tactic of putting a seemingly harmless app in Play that functions as a downloader for such an exploit only works until Google removes the app, but in the meantime much damage is done.
