Its very rare in internet world to listen
about such news that Android Malware detected but recently a chinese
hacker again tries to hack android, and this time, he used a game named "The Roar of the Pharaoh".
The bug was spotted by the security team(penetration testing) from
Sophos, well known security firm. The game does not show any security or
permission issues while user installs it, so Android user believes that
it is a reliable and non-malicious software and will not harm the
system. So friends please avoid android games and applications from
unknown publishers as it may result into critical information leak and
sometimes into OS crash.
But, actually what the game does is that it collects all the sensitive
and personal information from the device(like the normal Trojans does)
and sends it to the author via an SMS with premium rates, without taking
the user's permission(means in the background). The Trojan sends
information like the phonebook entries, SMSs, IMEI number, phone number,
OS version etc. Though no cases illegal usage of the users information
have been reported yet but researchers believe that more damage can be
done using this bug.
According to the vendor, the malware runs as a service called
"GameUpdaterService", which sounds like a legitimate name for an
application and user thinks that some game is updating, but its just
another indication of the social engineering element of the campaign
which makes it look like reliable application, next to the actual
brand-jacking of a legitimate game’s name.
The application has been detected as an Stinter-A, the mobile phone
companies process the money to the authors before the application user
gets the bills.Michael Sutton, vice president of security research at
cloud-based security provider Zscaler, said "the fake "The Roar of the
Pharaoh" app for Android reflects the shift of malware authors to target
the Android platform, whether smartphones or tablets. Fake game apps
that are really Trojans are increasing and "this is a typical scam for
Android now," he added.
The interests of the hackers has now shifted towards the Android phones
from computers. The android officials have not spoken anything much
about this application, but have warned its users to beware of such
malicious applications.
The authors have not been caught yet, and the Chinese Security is still working to put them behind the bars.
No comments:
Post a Comment