Mobile malware grows and multiplies. It was discovered a new Android malware that can intercept incoming text messages and send cybercriminals later . Once installed, the Trojan can be used to steal confidential messages or, more worryingly, to gain the codes used to confirm the online banking.
malware, detected as “Android.Pincer.2.origin” by the Russian security firm Web Doctor is the second version Android.Pincer family, according to the company. Both threats spread like safety certificates , which means they must be deliberately installed on an Android device by a careless user or cheated, according to TNW.
Android.Pincer.2.originlaunch
, you will see a notification about the correct false certificate installation, but after that announcement the Trojan does not perform any significant activity for a time. The malware is loaded at startup CheckCommandServices through a service running in the background.then connects to a remote server and sends it through the next information on mobile to those responsible for the attack: phone model, device serial number, IMEI, support, mobile phone number, the default language of the system, the operating system and the availability of the root account.
then waits for instructions containing commands in the following format: command: [command]. Doctor Web has found these instructions that criminals can be sent to the Trojan: Start_sms_forwarding [phone number] (start the interception of communications of a specified number) , Stop_sms_forwarding (stop interception), Send_SMS [phone number and the text] (send a short message with the specified parameters), Simple_execute_ussd (send an USSD), Stop_program (stop working), show_message (display a message on the screen of the mobile device), Set_urls (change control server address), Ping (send a SMS with the text “pong” to a pre-specified number) and Set_sms_number (change the number to which to send messages containing the text string “pong” ).
Despite its potential hazard, Android.Pincer.2 not too spread . Not found on Google Play, where most Android users get their apps, and seems destined to precise attacks, not to a massive number of users.
Now you can read articles on Google Currents ITespresso Subscribe
No comments:
Post a Comment