Doctor Web’s analysts advised by over 200 thousand infected smartphones, including those of Polish members that make up the biggest ever botnet based on Android.
to infect machines in order to integrate them into a botnet cyber criminals have used several malicious program detected recently Android.SmsSend.754.origin, Android.SmsSend.412 (known in Doctor Web since March 2013 and distributes a as a mobile browser), Android.SmsSend.468.origin (known since April 2013) and Android.SmsSend.585.origin, (recognized in June 2013).
earliest version of the Trojan linked to the investigation into the incident is Android.SmsSend.233.origin, added to the databases of Dr.Web in November 2012. In most cases, the source of the infection turned out to be owned by criminals and sites attacked and controlled by them in order to further the spread of viruses.
Android.SmsSend.754.origin Trojan masquerades as a application called Flow_Player.apk. During the installation, it displays prompts you to run it with administrator privileges – this malicious application gains the power to lock and unlock the screen. In addition, gains Android.SmsSend.754.origin Late remove their icons from the “home” of Android. After installation, the Trojan sends an attacking message about the infected device, which may include information such as the IMEI number of funds in your prepaid card, the country code and operator code – the SIM card issuer, number and mobile phone model and operating system version. Android.SmsSend.754.origin then waits for commands from intruders, in response to which they can, for example, send a text message defined for a specific number or aggregate SMS to numbers from the phone’s address book, open the specified URL in a browser or display a message with a specific the title and the content on the screen.
According to information collected by the analysts, the botnet has more than 200,000 mobile devices based on Android. Most of them (124 458) located in Russia, the second place is Ukraine (39 020 infections), the third and Kazakhstan (21 555). Polish users, although with a lower score (192 infected devices), also found in the area of ??operation of the botnet.
detected incident is one of the biggest attacks on Android devices that have been recorded in the last six months. Preliminary evaluations suggest that the result of the botnet can be severe damage caused to users by these types of malware.
To avoid infection, Doctor Web specialists recommend the abandonment of downloading and installing programs from the suspects, unauthorized sources.
Photo: stock.xchng
No comments:
Post a Comment