Saturday, January 7, 2012

Malware threatens Android phones - Part II

In the post Malware threatens Android phones - Part I, we read how malware threats are increasing on the Android platform. Here, in the second part of "Malware threats to Android phones", we will see some more applications which are more dangerous.

We read in the earlier post how Android phones are now drawing crooks' attention. It is easier to launch malware on Android. In most cases, the phones are being compromised by the installation of certain applications that exploit the vulnerabilities. Many of my friends who use the iPhone said, "Apple's iPhone too has an app store but the applications that are available on the store are put through a stringent evaluation and it is a closed ecosystem". In the case of Android, the ecosystem is open and there are multiple app stores. That is precisely why the incidence of malware is high on Android phones. "A map application with malware is more dangerous. It provides the exact location of the phone-user and it is a great threat to the phone-user as a person". Similarly, there is malware in the guise of applications that tracks other forms of data, including mobile banking and the contact list.

A key difference between the early days of cybercrime targeting PCs and the current drift towards mobile platforms is that cybercriminals are starting from scratch. There are circles within circles. For instance, "SMS Privato Spy" is marketed as an app that allows buyers (read: scammers) to spy on a smartphone user by doing such things as viewing the phone screen live, viewing call logs, performing GPS tracking and activating the phone's microphone to listen in on conversations. The only problem - besides such an app being an obvious invasion of privacy - is that SMS Privato Spy doesn't exist! Those behind the scam go to great lengths to convince potential buyers that it does exist. But all that the buyers get for their money is a lighter wallet.

But there is malware that does exist. Even when bad apps are discovered, it does not solve the problem.

Such malware is hard to uninstall. Instead of infecting devices in one go, the attackers parcel out their 'workload' - their malicious code. This is similar to a smuggler who evades detection by bringing in small amounts of the consignment over a period of time, rather than sneaking in the entire lot in one attempt. Smaller pieces are easier to hide. This strategy obviates a long permission list, which can trigger suspicion and give their game away.

A new version of malware called Android.Lightdd attempted this. The first payload performs reconnaissance and intelligence-gathering (model, language, country, IMEI, IMSI, OS version), followed by the downloading of an additional payload.
