The company is involved in cybersecurity notes that the purpose of the detected software “is stealing the credentials of transactions in mobile banking by applying the tools of phishing on the actual banking applications, and capture data on payment cards through overlap on the Play Store Google. “
Malware attacks device running Android version 6, which was published at the end of 2015. The creator of the mobile system, the US company Google, argued then that the new Android is equipped with functions to protect against various attacks.
Kaspersky Lab explains that discovered this software modification of a Trojan gugi, who attacked all versions of Android. According to a statement from a modified version of gugi discovered for the first time in June – six months after it was first discovered family of Trojans.
“Modified Trojan forces users to forward him the right to impose on the actual applications, sending and viewing text messages, calls and other activities. it spreads using social engineering and its use by cybercriminals is growing rapidly: from April to early August 2016 . the number of attacks has increased tenfold, “- emphasizes the company on its website.
the company explains that the original infection using this modified Trojan done through social engineering, usually with the help of SMS, which encourages users to click malicious link. After installation on the device, the Trojan seeks to obtain the necessary access rights to him – highlights Kaspersky Lab. When it is ready, it displays the following message on the user’s screen: “We need additional rights in order to work with graphics and windows.” It gives only one possibility: “Allow”.
“When the user clicks the button, a screen appears asking you to authorize the imposition on application. Upon receiving approval, the Trojan will block the device’s screen, displaying on it a message asking for rights + administrator of the machine +, and then ask for permission to send and view text messages and make phone calls, “- added in a statement published on the company website.
Kaspersky Lab warns that if the malware does not receive the data it needs, then the infected device will be blocked. While any attempt to uninstall the Trojan can be difficult.
The company insists that “gugi a typical Trojan bank that steals financial credentials, SMS messages and contacts, it sends a request USSD and SMS according to the instructions of the server controlled by cybercriminals. “
most of the attacks a modified version of the Trojan gugi occurred on the territory of Russia, where its headquarters is to Kaspersky Lab.
No comments:
Post a Comment