A new evil Android Trojan launched off-road applications appears in the market, according to researchers at Kaspersky, who claim that malware have so many different capacities that this is a "game of all".
The malware, the so-called "Loapi" ads can be displayed, redirect web traffic, launch DDoS attacks, send SMS messages, download and install other applications and "extract" to the cryptocurrency of Monero. It makes the last feature so intense, Kaspersky researchers on the threat in a publication said, the battery of one of his overheated and expanded test phones, partly from the battery compartment.
The criminals behind Loapi send it via online ads that are supposed to be for Android porn and antivirus applications. If you click on one of the ads, you'll be taken to a website where you can download the fake app.
To prevent infection, make sure the Unknown Sources option is disabled under Security -> Preferences (default) and install a recent Android antivirus application from the Google Play Store.
Among other things, icons on a screen in the Kaspersky blog, legitimate anti-virus Loapi repressed Android apps AVG dfndr Mmm, Kaspersky Lab, Norton, Avira, dr. Web and CM security, could close. There were also a dozen icons, some blurry, from pornographic pages, but Tom's Guide does not check them out.
If you install any of the fake AV or porn applications, the application will immediately prompt for the administrator permissions of the device, giving it the same performance as the device. (Some antivirus applications require these permissions).
Needless to say, granting the fake privileges of the application's device manager will pulverize it. The app can do almost anything now. If you try to revoke the privileges of the administrator of the device, the fake application will lock the screen and even true malicious applications will simply invite you to "prove" that you are really anti-virus software.
"Loapi is an interesting representative of the world of malicious Android applications," said Kaspersky researchers. "Developers have implemented almost the full range of target device techniques: the Trojan horse can subscribe to paid services, send SMS to any number, generate traffic, and earn money through broadcasting ads that use a device's processing power to extract Cripton files, and perform a variety of actions on the Internet for the user / device.
"The only thing missing is the spying on the user, but the modular architecture of this Trojan means it's possible to add that kind of functionality anytime."
Kaspersky team has not specified the type of test phone Loapi said, however, that the heat generated by the process of extraction and injection battery swelled and partially detached the back cover of the phone after two days. We can imagine that an infected phone could be old and slow for a long time, which could lead to flammable results.
Hello, my name is Jack Sparrow. I'm a 50 year old self-employed Pirate from the Caribbean.
No comments:
Post a Comment