
Saturday, January 7, 2012

Malware threatens Android phones - Part II


In the post "Malware threatens Android phones - Part I" we read how malware threats are increasing on the Android platform. Here, in the second part of "Malware threats to Android phones", we will see some more applications which are more dangerous.

We read in the earlier post how Android phones are now drawing crooks' attention. It is easier to launch malware on Android. In most cases, the phones are being compromised by the installation of certain applications that exploit the vulnerabilities. Many of my friends who use iPhone said "Apple's iPhone too has an app store but the applications that are available on the store are put through a stringent evaluation and it is a closed ecosystem". In the case of Android, the ecosystem is open and there are multiple app stores. That is precisely why the incidence of malware is high on Android phones. "A map application with malware is more dangerous. It provides the exact location of the phone-user and it is a great threat to the phone-user as a person". Similarly, there is malware in the guise of applications that track other forms of data, including mobile banking and the contact list.

A key difference between the early days of cybercrime targeting PCs and the current drift towards the mobile platform is that cybercriminals are starting from scratch. There are circles within circles. For instance, "SMS Privato Spy" is marketed as an app that allows buyers (read: scammers) to spy on a smartphone user by doing such things as viewing the phone screen live, viewing call logs, performing GPS tracking and activating the phone's microphone to listen in on conversations. The only problem, besides such an app being an obvious invasion of privacy, is that SMS Privato Spy doesn't exist! Those behind the scam go to great lengths to convince potential buyers that it does exist. But all that the buyers get for their money is a lighter wallet.

But there is malware that does exist. Even when bad apps are discovered, it does not solve the problem.

Such malware is hard to uninstall. Instead of infecting devices in one go, the attackers parcel out their 'workload', that is, their malicious code. This is similar to a smuggler who evades detection by bringing in small amounts of the consignment over a period of time, rather than sneaking in the entire lot in one attempt. Smaller pieces are easier to hide. This strategy obviates a long permission list, which can trigger suspicion and give their game away.

A new version of malware called Android.Lightdd attempted this. The first payload performs reconnaissance and intelligence-gathering (model, language, country, IMEI, IMSI, OS version), followed by the downloading of an additional payload.


Wednesday, January 4, 2012

Malware threatens Android phones - Part I

Crooks' arsenal ranges from mobile games to a simple map

Smartphone security firms have reason to worry. Malware threats to Android phones, which have positioned themselves in the smartphone category, are growing. This time, mobile crooks are targeting certain features that are popular on PCs but are found to be vulnerable on Android phones. For example, unlike other smartphones with a proprietary app store, Android phones keep their app stores 'open', exposing themselves to attacks by malware writers.

Android phones offer a variety of applications that allow users to operate the phone for requirements that go beyond voice. Typically, smartphone makers offer applications through their app stores. Wresting control of the app stores, however, can allow malware writers to pick at vulnerabilities in Android phones.

The following are some of the Android-specific mobile threats:

AndroidOS.Tapsnake
A user who downloads this application assumes that it is the Android version of the popular "Snake" game. However, what happens is that the threat switches on the phone's GPS and relays information about the user's coordinates to the cyber criminal.

Android.Pjapps
Android.Pjapps is an example of a Trojan with backdoor capabilities that targets Android devices. As seen with previous Android threats, it spreads through compromised versions of legitimate applications. One of the applications carrying Android.Pjapps code is Steamy Window. Similar to other compromised Android applications, it is difficult to differentiate the legitimate version from the malicious one once it is installed. During installation, however, it is possible to identify the malicious version by the excessive permissions it requests. When run, both the legitimate and malicious versions of the application mimic a steam effect on your Android device's screen. It even lets you wipe it off with your finger. The aim of Android.Pjapps is to build a botnet controlled by a number of different Command and Control (C&C) servers.

Android.Rootcager
Android packages (.apk) include the file "rageagainstthecage", which is a tool commonly used to root the phone. In legitimate circumstances, this file can be used by the owner of the phone to acquire administrative rights on his or her phone. In this case, rooting the phone can allow the malware we call Android.Rootcager to perform more than the usual activities, ones not commonly allowed on Android phones. Android.Rootcager roots the phone without user consent and performs activities such as taking screenshots, monitoring installed applications and downloading additional packages of code.
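
The install-time check mentioned for Android.Pjapps above, spotting a repackaged app by the extra permissions it requests compared with the known-good version, can be scripted. This is an added example, not code from the original posts; the permission listings (in the style printed by "aapt dump permissions"), the package name com.example.steameffect and the SENSITIVE set are constructed for illustration and are not the permissions of any real sample.

```python
import re

# Permissions that expose messaging, identity, location, audio or the ability
# to install more code. This selection is an assumption made for the example.
SENSITIVE = {
    "android.permission.SEND_SMS",
    "android.permission.READ_PHONE_STATE",
    "android.permission.ACCESS_FINE_LOCATION",
    "android.permission.READ_CONTACTS",
    "android.permission.RECORD_AUDIO",
    "android.permission.INSTALL_PACKAGES",
}

# Accepts both listing styles: "uses-permission: android.permission.X"
# and "uses-permission: name='android.permission.X'".
PERM_RE = re.compile(r"^uses-permission:\s*(?:name=)?'?([\w.]+)'?")

def parse_permissions(listing):
    """Return the set of permission names found in a permission listing."""
    found = set()
    for line in listing.splitlines():
        match = PERM_RE.match(line.strip())
        if match:
            found.add(match.group(1))
    return found

def review(baseline_listing, candidate_listing):
    """Report what the candidate requests beyond the known-good baseline."""
    added = parse_permissions(candidate_listing) - parse_permissions(baseline_listing)
    sensitive = sorted(added & SENSITIVE)
    return {"added": sorted(added), "sensitive_added": sensitive,
            "suspicious": bool(sensitive)}

# Constructed listings (not taken from any real sample).
LEGIT = """package: com.example.steameffect
uses-permission: name='android.permission.WAKE_LOCK'
"""
REPACKAGED = LEGIT + """uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.READ_PHONE_STATE'
uses-permission: name='android.permission.SEND_SMS'
uses-permission: android.permission.INSTALL_PACKAGES
"""
# A first stage that keeps its list short passes this check: the limitation
# the Part II post describes for staged payloads.
STAGED_FIRST = LEGIT + "uses-permission: name='android.permission.INTERNET'\n"

if __name__ == "__main__":
    print(review(LEGIT, REPACKAGED))
    print(review(LEGIT, STAGED_FIRST))
```

The second call shows why a short permission list alone is not evidence that an app is clean.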

