The world went on alert this week because a set of virus of Chinese origin has infected more than 10 million mobile and Colombia was one of the countries with the most victims in Latin America (140,000).
Behind the research is security firm Check Point Software, whose base of operations is in Tel Aviv (Israel).
Check Point Software has been investigating this campaign cybercrime from February and this week its analysts published an extensive study with details of the criminal operation, which have dubbed ‘HummingBad’.
what they discovered is film. These viruses were created by a reputable company online advertising called Yingmob.
The organization, which has vast resources, has offices in the plush Xingdu Plaza, located on the Beiqu Avenue Chongqing city. If you’re curious, you can visit their website:.. Www.yingmob.com
Apparently, it is a legal company
However, on the fifth floor of its offices there is a team of 25 people working to create malicious programs in a department called ‘development team for platforms outside’ (team for overseas development platform, in English). The name is a facade, of course.
As already mentioned, Yingmob is an expert in digital advertising. For these malicious programs are used to take control of Android devices, digital ads generate illegitimate fraudulent clicks and download applications. This Yingmob would be getting $ 300,000 monthly illegally.
There are applications of this company in at least 85 million Android devices. Yingmob has about 200 apps available for this operating system and an estimated 50 of them have viruses.
Most infected computers is in China (1.6 million) and India (1.4 million).
half of infected computers have version 4.4 of Android (KitKat) and 40 percent use the 4.3 (Jelly Bean). 7 percent of the compromised device operates with version 5.0 (Lollipop) and 2 percent Marshmallow (6.0), the latest available.
When the malware is installed on the team first tries to take control of it by force. If it fails, it will display a misleading window announcing a supposed system update. If the user gives you click on the window, will be granting the necessary permissions for the virus to control the device.
Check Point clarifies that this malicious program fails to obtain permits to control the system, this will have the ability to download fraudulent applications without the user’s knowledge
When any of the malicious applications Yingmob achieve installed, the cell will have strange behaviors. the screen will turn off and will turn on automatically; then begin to display different ads portals like ‘mobvista’ ‘cheetah’, ‘apsee’ or ‘startapp’. Even, the software will not let go to the home screen without clicking on ads.
Know prevent, identify and eliminate the virus.
What do with the malicious programs
1. Check Point recommends reset the computer to its factory settings if you suspect that is compromised by a malicious program.
2. You can also try to remove the ‘software’ malicious running a certified safety solution.
3. If still perceived suspicious behavior on your computer even though it restored to its factory settings, send it to a specialized service.
How to Prevent
These are some tips from security firm Kaspersky:
1. Avoid installing applications from other than official sources app stores.
2. If you install applications from unofficial sources it is inevitable, check the permissions that the application is requesting.
3. Read about the latest forms of propagation of ‘malware’. This will help detect an attempted attack.
4. Avoid clicking on links in messages from people you do not know or unexpected messages from friends.
5. Always use a virtual private network to connect to the Internet. This will help ensure that your network traffic can not easily intercept and reduces the likelihood that it can be injected ‘malware’ directly into a legitimate application downloaded from the internet.
6. Install a security solution on your device. There are free (like Avast and AVG Antivirus) and payment (such as Kaspersky, Symantec, Eset or McAffee).
EDGAR MEDINA
DRAFTING technosphere
No comments:
Post a Comment