Kaspersky Lab: Trojan Triada guise Android Game Apps - Hy Friend Expo, This Article title is Kaspersky Lab: Trojan Triada guise Android Game Apps, I hope useful for you.
Kaspersky Lab: Trojan Triada guise Android Game Apps
Kaspersky Lab: Trojan Triada guise Android Game Apps
According to Kaspersky Lab research on the Mobile Virology recently, nearly half of the 20 top in 2015 Trojan is a malicious program with the ability to gain super-user privileges. Super-user permissions This gives cyber criminals flexibility to install applications on the device without the user's knowledge.This type of malware is spread via an application that users download / install from an untrusted source. Applications of this type can sometimes be found on the official application store, Google Play, which is disguised as games or entertainment applications. They can also be installed during upgrade of the popular applications on the device, and sometimes when pre-installed on mobile devices. Devices that are most at risk is that using the Android OS 4.4.4. and earlier versions.
There are 11 types of mobile Trojans are known to use root privileges. Three of them - Ztorg, Gorpo and Leech - mutually cooperate with one another. This Trojan infected devices usually organize themselves into networks, creating a kind of botnet form of advertisements so that the perpetrators of threats can use it to install various types of adware.Do not just stop there, shortly after rooting the device, these Trojans download and install backdoor. Furthermore backdoor akann download and activate the two modules that have the ability to download, install and run the application.App loader module installation along with customized according to the type of Trojan, but all of them have been listed in the Kaspersky Lab antivirus databases with names - Triada.
How it Works Trojan TriadaA distinguishing feature of this malware is the use Zygote - the parent of the application on the Android device - which contains system libraries and frameworks used by any application that is installed on the device. In other words, the zygote is a daemon that aim to launch the Android app. And this is a standard application process that runs when a new application is installed. It also means that as soon as the Trojan into the system, will immediately become part of the application process and pre-installed into the app launching what is contained in the device and can even change the operating system from the application.For the first time the use of such technology is detected. Previous Trojan that uses Zygote only considered proof-of-concept only.Stealth capabilities of this malware is very sophisticated. After logging in to the user's device, Triada applied in almost every work process and continue to exist in the short-term memory. This made it almost impossible to be detected and removed using anti-malware solution. Triada operate silently, which means that all malicious activities are well hidden from the user and from other applications.The complexity of Trojan functionality Triada attest to the fact that cyber criminals are very professional, with a deep understanding of targeted attacks on mobile platforms, an actor behind this malware.Business Model Trojan Triada
Triada Trojan can even modify outgoing SMS messages sent by other applications. It has now become the main function of malware. When users perform in-app purchases via SMS for Android gaming, cyber criminals tended to modify outgoing messages so that those who received the money instead of game developers."Trojan Triada either Ztrog, Gorpo and Leech marks a new stage of evolution of the threat of Android based. They are the first malware that spread widely and has the potential to improve their ability in most devices. The majority of users were attacked by Trojan is located in Russia, India , Ukraine and the countries of Asia Pacific. We can not underestimate the threat of malicious applications that managed to get root access to the device. the main threat to them, as shown by Triada, they are able to provide access to malicious applications that are far more advanced and dangerous to the device .
They also have excellent architecture developed by cyber criminals with a thorough knowledge of a targeted attack against a mobile platform, "said Nikita Buchka, Junior Malware Analyst, Kaspersky Lab.Because it is almost impossible to remove this malware from the device, the user only has two options to be able to get rid of it. The first was rooting on their devices and remove malicious applications manually. The second is to do the jailbreak Android system on the device.Kaspersky Lab products detected the Trojan component Triada as: Trojan-Downloader.AndroidOS.Triada.a; Trojan-SMS.AndroidOS.Triada.a; Trojan-Banker.AndroidOS.Triada.a; Backdoor.AndroidOS.Triada.
Kaspersky Lab: Trojan Triada guise Android Game Apps
Kaspersky Lab: Trojan Triada guise Android Game Apps
Kaspersky Lab: Trojan Triada guise Android Game Apps
According to Kaspersky Lab research on the Mobile Virology recently, nearly half of the 20 top in 2015 Trojan is a malicious program with the ability to gain super-user privileges. Super-user permissions This gives cyber criminals flexibility to install applications on the device without the user's knowledge.This type of malware is spread via an application that users download / install from an untrusted source. Applications of this type can sometimes be found on the official application store, Google Play, which is disguised as games or entertainment applications. They can also be installed during upgrade of the popular applications on the device, and sometimes when pre-installed on mobile devices. Devices that are most at risk is that using the Android OS 4.4.4. and earlier versions.
There are 11 types of mobile Trojans are known to use root privileges. Three of them - Ztorg, Gorpo and Leech - mutually cooperate with one another. This Trojan infected devices usually organize themselves into networks, creating a kind of botnet form of advertisements so that the perpetrators of threats can use it to install various types of adware.Do not just stop there, shortly after rooting the device, these Trojans download and install backdoor. Furthermore backdoor akann download and activate the two modules that have the ability to download, install and run the application.App loader module installation along with customized according to the type of Trojan, but all of them have been listed in the Kaspersky Lab antivirus databases with names - Triada.
How it Works Trojan TriadaA distinguishing feature of this malware is the use Zygote - the parent of the application on the Android device - which contains system libraries and frameworks used by any application that is installed on the device. In other words, the zygote is a daemon that aim to launch the Android app. And this is a standard application process that runs when a new application is installed. It also means that as soon as the Trojan into the system, will immediately become part of the application process and pre-installed into the app launching what is contained in the device and can even change the operating system from the application.For the first time the use of such technology is detected. Previous Trojan that uses Zygote only considered proof-of-concept only.Stealth capabilities of this malware is very sophisticated. After logging in to the user's device, Triada applied in almost every work process and continue to exist in the short-term memory. This made it almost impossible to be detected and removed using anti-malware solution. Triada operate silently, which means that all malicious activities are well hidden from the user and from other applications.The complexity of Trojan functionality Triada attest to the fact that cyber criminals are very professional, with a deep understanding of targeted attacks on mobile platforms, an actor behind this malware.Business Model Trojan Triada
Triada Trojan can even modify outgoing SMS messages sent by other applications. It has now become the main function of malware. When users perform in-app purchases via SMS for Android gaming, cyber criminals tended to modify outgoing messages so that those who received the money instead of game developers."Trojan Triada either Ztrog, Gorpo and Leech marks a new stage of evolution of the threat of Android based. They are the first malware that spread widely and has the potential to improve their ability in most devices. The majority of users were attacked by Trojan is located in Russia, India , Ukraine and the countries of Asia Pacific. We can not underestimate the threat of malicious applications that managed to get root access to the device. the main threat to them, as shown by Triada, they are able to provide access to malicious applications that are far more advanced and dangerous to the device .
They also have excellent architecture developed by cyber criminals with a thorough knowledge of a targeted attack against a mobile platform, "said Nikita Buchka, Junior Malware Analyst, Kaspersky Lab.Because it is almost impossible to remove this malware from the device, the user only has two options to be able to get rid of it. The first was rooting on their devices and remove malicious applications manually. The second is to do the jailbreak Android system on the device.Kaspersky Lab products detected the Trojan component Triada as: Trojan-Downloader.AndroidOS.Triada.a; Trojan-SMS.AndroidOS.Triada.a; Trojan-Banker.AndroidOS.Triada.a; Backdoor.AndroidOS.Triada.
Kaspersky Lab: Trojan Triada guise Android Game Apps
Kaspersky Lab: Trojan Triada guise Android Game AppsI hope useful for you.
0 Komentar untuk "Kaspersky Lab: Trojan Triada guise Android Game Apps"