This malware forces users to grant him the right to superimpose genuine applications, send and read SMS, make calls, and more. Look here how to protect yourself.
Experts from the firm Kaspersky Lab have discovered a modification of the banking Trojan for mobile Gugi that exceeds the new security features of Android 6 designed to block phishing and ransomware. Thus the new modification of the Trojan forces users to grant him the right to superimpose genuine applications, send and read SMS, make calls, and more.
According to this report, malware spreads through social engineering and its use by cybercriminals is growing rapidly: between April and early August 2016, an increase of 10 times the number of victims was recorded. Meanwhile, your goal is steal the credentials of mobile banking users superimposing banking applications with applications phishing, and steal details credit card overlaying application store Google Play.
at the end of 2015, version 6 operating system Android was launched with new security features specifically designed to block such attacks. Among other things, applications now need user permission to superimpose other applications and request approval the first time they want access to actions such as sending SMS and making calls. However, experts in anti-malware have revealed a modification of the Trojan Gugi that can successfully and vadir these two new features .
The initial infection with the modification of the Trojan is performed through social engineering, usually through a SMS spam that encourages users to click on a malicious link. Once installed on the device, the Trojan seeks the rights you need. When ready, the malware displays the following message on the user’s screen: “Additional permissions for running graphics and windows are required.” Only offers a button as an option. “Grant”
When the user clicks the button, you see a screen asking permission to superimpose applications. After receiving this permission, the Trojan blocks the device screen with a message requesting rights “ Device Manager ” and then asks permission to send and read SMS and make calls.
If the Trojan does not receive all the permissions you need, completely blocks the infected device. If this happens, the only option for the user is to reboot the device in safe mode errors- “ safe mode ” – and try to uninstall the Trojan, an activity that becomes more difficult if the Trojan has won the rights to “Device Manager”
in addition to these elusive security and other features, Gugi is a typical banking Trojan. steal financial credentials, SMS and contacts, making requests for USSD and sending SMS under the command server address. To date, 93% of those attacked by the Trojan Gugi users are based in Russia , but the number of victims continues to rise. In the first half of August 2016, 10 times more victims than in April this year were recorded
How to protect is recomedable that Android users to follow the following tips.?:
– Do not accept grant rights and permissions automatically when an application is what solicite- think about what and why it is asking
-. Install an anti-malware solution on all devices and keep the operating system software updated
-. Avoid clicking on links in messages from people you do not know or unexpected messages known
-. Exercise caution at all times when visiting websites: If something seems a bit fishy, it probably is
– 
No comments:
Post a Comment