always spoke of serious security vulnerabilities that have the Android operating system.
the immense respect that is stored at Google, few dare to pursue the subject. However, this week published an important story that should interest all users of Android tablets and phones.
Researchers have discovered a new malicious program that takes possession of the computer with administrator blocking any attempt to be detected. The new program called Obad, exploiting these flaws in the operating system to take step in the system.
According to Kaspersky Lab, this newly discovered worm is so far the “most sophisticated” and was based precisely on a vulnerability that lets you take control of Android mobile equipment (designed for phones), malware, technically known as Backdoor . AndroidOS.Obad.a, described as a “Trojan multifunction.”
Like most mobile malware made it illegal for profit. Obad is mainly an SMS Trojan that sends text messages (SMS) to premium numbers, ie those numbers which raises money for each text message arrives. SMS Trojans are the most common form of mobile malware, according to Kaspersky and other security vendors.
How does ObadAccording to the report, the authors Obad discovered and exploited a previously unknown vulnerability in the Android operating system in relation to the form. In Android processing a file called AndroidManifest.xml, a standard component of all applications that describes the structure and operation of the application to the operating system.
According to Kaspersky, Obad “AndroidManifest.xml changed so that does not meet Google standards, but it is still correctly processed on a smartphone.”
A second vulnerability allowed the authors of Obad get administrator privileges on infected devices, without appearing in the list of applications that have these privileges.
As a result, studies say it is not possible to remove the device Obad, infected after he won privileges. Once running on an Android, malware Obad collects information from the device, which is passed back to command and control based on Internet servidors (C & C).
Among the information collected is the phone number, IMEI (unique identifier), the operator’s name and account balance.
Like many malware Obad is modular, with the ability to receive software updates directly from the servers (C & C) controlled by the attackers. Malware can be updated automatically via text message to request to connect to your server (C & C) or send a message to predetermined directions.
Mobile malware is rare, at least compared with malware for the Windows platform. However, the population of mobile malware is growing rapidly.
Vendors like Kaspersky Lab and McAfee have reported an increase in mobile malware in 2012 and 2013, almost all of the same orientation Android. In February, McAfee had 36,699 mobile malware samples, 95% of which were identified in the last 12 months.
Research by Kaspersky Lab found that Android is the most favored platform for mobile malware. Apparently Android is becoming objective in developing Malware Microsoft Windows and was in the PC world.
At a conference on security, a Google representative said the company employs over 300 security engineers and are comfortable with the attention that is being given. He said that Google was reluctant to take too prominent a role in monitoring the contents of the app store Google Play.
According to them, users must “have options” about what to put on your phone and choose between the official and unofficial stores.
No comments:
Post a Comment