Researchers at Trend Micro security have discovered tricks used in a fake news app that can help this spyware mislead censor features source code of Google Play.
Accordingly, the application form, which was created by a hacker group Team - a company dedicated to providing the tools to exploit the vulnerability, as well as network attacks, will allow corporate customers to install spyware sneaks up mobile devices and especially we have the ability to "bypass" system of censorship is strict code on "Fair" online applications Google Play.
Ars Technica said Page, app called BeNews although less than 50 times to download from suspicious areas in the Google Play but basically that BeNews mining techniques have been used in other Android apps Team Hacker customers grow, and now this technique may also be copied by others who are trying to "transplant" malware on Android devices.
The security experts at Trend Labs Laboratory of Trend Micro said the BeNews is designed as a backdoor for malicious code likely to open the "backdoor" RCSAndroid developed by the Hacker Team.
Notably, according to the experts at Trend Micro, this trojan has deliberately used the name of a news website that no longer exists to mislead users as well as posing as an Android application perfectly legal.
Ars Technica The state, represented Trend Micro said it found the application's source code in the file BeNews of Hacking Team recently leaked, and guide customers to use.
Based on this, Trend Micro believes Hacking Team offers these malicious applications for customers to use as a lure users to download malicious software onto your Android device RCSAndroid.
Malicious application of technically Hacker Team will exploit a flaw "escalating powers" on the Android platform to be reported in the Summer 2014, which affects all versions of mobile operating systems from Android 2.2 (Froyo) to Android 4.4.4 (KitKat) as well as some other Android versions. In addition, this security flaw to be reported will affect other Linux versions.
According to Trend Micro specialists, attack methods and exploit vulnerabilities of BeNews not exist in the initial snippet of malicious code. Instead, the malicious code only requires three rights which are considered safe according to Google's security standards is no exploit code vulnerabilities found in applications.
However, after the application is downloaded and launched by the user, the malicious code automatically downloads additional code (code) additional harm, and from there use the new code generated to " escalation "powers on Android devices and on to the set on the" backdoor "RCSAndroid as ever mentioned above.
0 comments:
Post a Comment
Note: Only a member of this blog may post a comment.