Thursday, July 9, 2015

Do not install! Android malware masquerades as … – Trade

A new ‘malware’ for Android adds insult to injury by making users pay for the application that later will steal your data.


Palo Alto Networks found three variants of this malicious software, called Gunpoder that are passed through emulation applications for games Nintendo .

The antivirus are struggling to detect malicious code Gunpoder and is configured with a programming library of ‘adware’ called Airpush , by wrote Cong Zheng Zhi Xu , a member of the Unit 42 research group in Palo Alto.

Samples of malware successfully used these libraries advertising to hide usually malicious behavior detection by antivirus “writes Xu Zheng Zhi. “While antivirus engines to be labeled as adware Gunpoder, not directly labeled as malware , so most antivirus programs do not prohibit running Gunpoder”.

The Apps Gunpoder have a variety of invasive actions, including the collection of bookmarks or favorites and browser history. can also be sent to others via SMS , show fraudulent ads and run other codes

And the worst:. users come to pay for the ability to theft data . When an application starts Gunpoder, users are asked to buy a lifetime license for the emulator US USD 0.20 or USD 0.49, an amount that you can pay via PayPal or Moneybookers.


So far, Gunpoder seems destined to users of Iraq, Thailand, India, Indonesia, South Africa, Russia, France, Mexico, Brazil, Saudi Arabia, Italy USA and Spain, said Palo Alto Networks. However, this does not imply that this malware can not spread to other countries.

Interestingly, the malware is programmed to not send SMS to numbers in the contact list of a phone if the user is in China.

Its developers have also co-opted the programming library Airpush advertising with a fraudulent ad. “ The fraudulent ad tries to imitate a Facebook page requesting that victims lelnar a series of surveys and ask them to install multiple applications in order to receive a gift.”

LikeTweet

No comments:

Post a Comment