Monday, March 8, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Gaming, photo apps in Google Play infect Android handsets with malware

October 13, 2019
in Internet Security
Gaming, photo apps in Google Play infect Android handsets with malware
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

New variant of trojan malware puts your personal information at risk
NanoCore RAT can steal passwords, payment details, and secretly record audio and video of Windows users.

Researchers have found a multitude of seemingly legitimate apps squatting in the Google Play Store that are hiding malicious secrets. 

You might also like

eSafety defends detail of Online Safety Bill as the ‘sausage that’s being made’

Maza Russian cybercriminal forum suffers data breach

Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud

On Wednesday, antivirus software provider Dr. Web said that the applications were discovered in September and included banking Trojans, adware, spyware, and data stealers. 

According to the team, the apps pretended to be legitimate services including games, utilities, photography software, and photo galleries.

The Android.Joker family was found to be embedded in Android utilities, camera plug-ins, and image editors, among other software. 
 
Joker contains some of the typical functionality of a Trojan, including the installation of a backdoor to maintain persistence, the theft of sensitive handset and user data, and a particular proclivity towards stealing financial information. 

See also: InnfiRAT malware lurks in your machine to steal cryptocurrency wallet data

However, the team says Joker is also able to automatically subscribe victims to premium mobile services without their knowledge. 

“To confirm the subscription, they hook verification codes from text messages,” the team says. “The Android.Joker malware also transfers the data from victims’ contact lists to the command and control server.”

Another sample of note was the Android.Banker.352.origin banking Trojan, found within the YoBit cryptocurrency exchange app. When launched, the malware displays a fake authentication message within a window, asking users to input their credentials. 

If a victim fell for the scheme, these credentials would be whisked off to a command-and-control (C2) server controlled by the Trojan’s operators and an error message would be displayed. 

Android.Banker.352.origin is also able to monitor and steal two-factor authentication (2FA) codes from text messages and emails sent to infected handsets, thereby giving attackers all the information they need to compromise cryptocurrency wallets owned by victims.

Dr. Web added that the malware contains functionality allowing it to grab and block notifications from instant messaging software and email clients. 

Another banking Trojan, dubbed Android.Banker.347.origin, was also spotted targeting Brazilian credit service customers. 

Where this malware was found is of interest. The Trojan was embedded within an app called Encontre Mais, advertised as a means to locate family members. In reality, Android.Banker.347.origin leverages the Android Accessibility Service to steal sensitive data from handsets and a recent upgrade to the malware has also opened up the possibility of automatically displaying phishing websites. 

CNET: Find a stolen laptop with free LockItTight service

Trojan downloaders, too, were not missing from the researcher’s findings. Samples including Android.DownLoader.920.origin and Android.DownLoader.921.origin were spread through Android gaming applications and on execution attempt to download further malware payloads. 

Other malware samples harvested from Google Play include adware from the Android.HiddenAds family, mainly hidden within games and other software. After launch, the adware buries its icon and displays advertising banners, and may also attempt to download and install APK files. 

The team found a variety of spyware apps, too, in Google Play. Spyware is malware designed not only to steal information including message content, contacts, and potentially GPS location data, but also enables remote control — including the monitoring of texts, phone calls, and online activity. 

TechRepublic: 70% of businesses report Pass the Hash attacks directly impact operational costs

Dr. Web says that over September, new versions of spyware were uncovered in Android apps including Program.Panspy.1.origin, Program.RealtimeSpy.1.origin, and Program.MonitorMinor. 

In related news last week, researchers from Czech Technical University, UNCUYO University, and Avast published research on a massive malware operation targeting Android users. 

The scheme has been running since at least 2016 and combines both the “Geost” botnet and banking Trojans. It is believed up to 800,000 Android users have been impacted and data including names, handset information, and locations may have been stolen.

ZDNet has reached out to Google and will update if we hear back. 

Previous and related coverage


Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0


Credit: Zdnet

Previous Post

Money Market Funds Foretell Punishing Reversal for Stocks Mirroring 2008 Financial Crisis

Next Post

Louis Pasquale, MD: Evolution of Technology in Ophthalmology

Related Posts

Bill establishing cyber abuse takedown scheme for adults enters Parliament
Internet Security

eSafety defends detail of Online Safety Bill as the ‘sausage that’s being made’

March 8, 2021
Maza Russian cybercriminal forum suffers data breach
Internet Security

Maza Russian cybercriminal forum suffers data breach

March 7, 2021
Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud
Internet Security

Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud

March 7, 2021
CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now
Internet Security

CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now

March 7, 2021
Linux distributions: All the talent and hard work that goes into building a good one
Internet Security

Linux distributions: All the talent and hard work that goes into building a good one

March 7, 2021
Next Post
Louis Pasquale, MD: Evolution of Technology in Ophthalmology

Louis Pasquale, MD: Evolution of Technology in Ophthalmology

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Top 6 Regression Techniques a Data Science Specialist Needs to Know
Data Science

Top 6 Regression Techniques a Data Science Specialist Needs to Know

March 8, 2021
Dataiku named as Gartner Leader for Data Science and Machine Learning
Machine Learning

Dataiku named as Gartner Leader for Data Science and Machine Learning

March 8, 2021
Bill establishing cyber abuse takedown scheme for adults enters Parliament
Internet Security

eSafety defends detail of Online Safety Bill as the ‘sausage that’s being made’

March 8, 2021
An Easy Way to Solve Complex Optimization Problems in Machine Learning
Data Science

An Easy Way to Solve Complex Optimization Problems in Machine Learning

March 8, 2021
Machine Learning Patentability In 2019: 5 Cases Analyzed And Lessons Learned Part 4 – Intellectual Property
Machine Learning

Podcast: Non-Binding Guidance: FDA Regulatory Developments In AI And Machine Learning – Food, Drugs, Healthcare, Life Sciences

March 8, 2021
Here’s an adorable factory game about machine learning and cats
Machine Learning

Here’s an adorable factory game about machine learning and cats

March 8, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Top 6 Regression Techniques a Data Science Specialist Needs to Know March 8, 2021
  • Dataiku named as Gartner Leader for Data Science and Machine Learning March 8, 2021
  • eSafety defends detail of Online Safety Bill as the ‘sausage that’s being made’ March 8, 2021
  • An Easy Way to Solve Complex Optimization Problems in Machine Learning March 8, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates