
Most sophisticated Android malware yet has already infected millions

Discussion in 'Off-Topic Discussion' started by sparkyscott21, Apr 4, 2014.

  1. sparkyscott21

    sparkyscott21 Moderator Staff Member





    Android is still the most targeted mobile platform out there in terms of mobile malware, considering the reports that keep detailing ways that hackers can take advantage of it for malicious purposes. But in most cases it’s Android users from certain regions of the world who are affected, because Google’s standard Android services aren’t available. A new report from The Hacker News details some new Android malware that may be the biggest threat to the operating system to date, and it may have already infected millions of devices.

    Called Oldboot, the malware is “designed to re-infect mobile devices even after a thorough cleanup.” Apparently, the program resides in the memory of infected devices, and it modifies “devices’ boot partition and booting script file to launch system service and extract malicious application during the early stage of system’s booting.”
    Versions of the program are so sophisticated that they can perform various stealthy operations including fighting detection and antivirus apps. The Oldboot family is the “most significant demonstration” of fighting against antivirus, malware analyzer and automatic analysis tools, according to researchers from Chinese security firm 360 Mobile Security.

    According to these reports, Oldboot.B Android Bootkit malware can install malicious apps silently in the background, inject malicious modules into system process, prevent malware apps from uninstalling, modify the browser’s homepage, and uninstall and disable installed mobile antivirus software. The malware is even able to run code hidden in images, a technique known as steganography.

    Despite its advanced features though, it would appear that 360 Mobile Security has a free tool to detect and remove it.

    It’s not clear though what the purpose of the malware is, or where it’s being picked up from, but infected devices can apparently send fake SMS messages, start phishing attacks, and other activities. “Driven by profit, the Oldboot Trojan family changes very fast to react to any situation,” researchers said. It’s also not clear what devices are most likely to be infected, and whether certain devices are more prone to infection than others.

    Recently, a security report revealed that a security issue discovered in the baseband chip of certain Samsung devices would allow a hacker to control the infected device in a manner similar to what Hacker News described. However, there was no proof that anybody actually used the discovered backdoor for malware-related purposes.
    In order to significantly lower the risk of running into any malware apps, Android users should avoid installing apps from anywhere else other than Google – even so, despite Google’s increased security efforts, some malware apps still make it to the Google Play Store, although they’re yet to sneak in advanced features as described in these new reports.






    4-4-14

    Source
     
  2. retroben

    retroben Active Member

    Only if the worst case scenario of us not getting the JellyBean NDK update...
    Maybe if Google TV devices are vulnerable to this, we can get another method for rooting the GS7/GS8 boxes that works on REL11.
    It would only be worth it if someone makes a hack for at least NDK support.
     
