Android fame deserves raised thumb. The telecom equipment firms are now flocking to bring over to Android with their products. However you should be alert, because now there is reportedly ready trojan targeting your Android!
This is not the first time, returning to action, Trojan HongTouTou aka ADRD is now repackaged and injected in popular applications and the Android application is distributed through the app store and forums, particularly in the community of users who speak Mandarin.
Reporting from Tim Strazzere of Lookout Mobile Security, this malware on the user request additional permissions Android and directly perform the executions hidden on the run without your knowledge. Including imitate you do a search or clicking on something.
"When you start opening applications that have been infected by Trojan HongTouTou, this application will send encrypted data containing the IMEI and IMSI data from your phone to the remote host. Furthermore, HongTouTou will receive a response to a search and targeted to a specific URL, he would imitate the search keywords and send it as a question. "Strazzere said.
"HongTouTou and then did a search using this keyword and then as if showing the top search results based on keyword and it will automatically click on that link. For the search engine, the search seems to be done by the owner of the phone by using a web browser with User-Agent as UCWeb. "
Not only that, the Trojans are even able to execute a command to download the APK file (Android Package File).
"Although we have not seen this Trojan installs GER, but GER is apparently used for monitoring the content of SMS and add relevant content contained within the SMS spam."
Currently HongTouTou Trojans broke the application marketplace China. Usually when you want to install third party applications, Android owners will get a notification to enable the installation of the "unknown sources".
"Currently HongTouTou has infected 14 Android applications such as the one RoboDefense. This application has been repackaged and injected with a trojan, to get his original version that has not been infected would be better if you download directly on Google's Android Market. "
By downloading directly from trusted sources, such as leading the app store, will reduce your risk of a trojan. Or if you still want to try the application out of it, you should check back who publishernya, reviews from the users of that application, the rating even features. If suspicious, could have been attacked by a trojan application.
This is not the first time, returning to action, Trojan HongTouTou aka ADRD is now repackaged and injected in popular applications and the Android application is distributed through the app store and forums, particularly in the community of users who speak Mandarin.
Reporting from Tim Strazzere of Lookout Mobile Security, this malware on the user request additional permissions Android and directly perform the executions hidden on the run without your knowledge. Including imitate you do a search or clicking on something.
"When you start opening applications that have been infected by Trojan HongTouTou, this application will send encrypted data containing the IMEI and IMSI data from your phone to the remote host. Furthermore, HongTouTou will receive a response to a search and targeted to a specific URL, he would imitate the search keywords and send it as a question. "Strazzere said.
"HongTouTou and then did a search using this keyword and then as if showing the top search results based on keyword and it will automatically click on that link. For the search engine, the search seems to be done by the owner of the phone by using a web browser with User-Agent as UCWeb. "
Not only that, the Trojans are even able to execute a command to download the APK file (Android Package File).
"Although we have not seen this Trojan installs GER, but GER is apparently used for monitoring the content of SMS and add relevant content contained within the SMS spam."
Currently HongTouTou Trojans broke the application marketplace China. Usually when you want to install third party applications, Android owners will get a notification to enable the installation of the "unknown sources".
"Currently HongTouTou has infected 14 Android applications such as the one RoboDefense. This application has been repackaged and injected with a trojan, to get his original version that has not been infected would be better if you download directly on Google's Android Market. "
By downloading directly from trusted sources, such as leading the app store, will reduce your risk of a trojan. Or if you still want to try the application out of it, you should check back who publishernya, reviews from the users of that application, the rating even features. If suspicious, could have been attacked by a trojan application.
0 comments:
Post a Comment