Tag: Virus

  • New Malware Android.Dropdialer Spotted in Google Play Market

    Android is said to be the second home for malware. It is one of the unluckiest operating systems, having been affected by every kind of malware and virus from the beginning. A few days ago we told you about a spyware app named Find and Call that was spotted in both the iOS App Store and the Google Play Market and was later deleted from both stores. Following the old tradition, Symantec has found a new kind of malware in the Google Play Market. This malware, Android.Dropdialer, operated in a different way: it was disguised under the names of two famous apps that a user couldn’t resist downloading without asking why.

    The names of the two famous apps were “Mario Brother” and “GTA 3: Moscow City”. These two suspicious apps contained Android.Dropdialer hidden inside them and had been available since 24 June 2012. Since then they have generated about 50,000 to 100,000 downloads, which means that roughly 50,000 to 100,000 devices were affected by this malware. The reason the malware stayed in the Play Store for so long is said to be the remote payload used by this Trojan.

    How Does This Payload Work?

    The payload worked with an interesting technique that was previously explained by Symantec employee Irfan Asrar: the owner of the Trojan would bypass detection by uploading the payload somewhere else and delivering it with the help of a Q&A screen method. When you downloaded the malicious app, it asked for permission to download an additional app called Activator. Once Activator was downloaded and opened, the payload was injected. Once installed, the app sends an international SMS to a premium number. After that, the app tells you to uninstall it. This is when the second payload is injected.

    Once everything is done, your data is in danger.

    Thankfully, the apps have been removed from the Play Market. Still, the rising number of malware attacks in the Play Market raises some questions about Google’s app approval team. How can they approve such apps for the Play Store?
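
The chain described above (an app drops a second package, that package sends an international SMS, then asks to be removed) can be expressed as a detection rule over device telemetry. The following is an added example, not code from Symantec or from the original post; the event names, package names, phone numbers, home prefix and time window are all constructed assumptions.

```python
# Constructed sample telemetry (not from the original article):
# (seconds, device, event, package, detail)
EVENTS = [
    (0,    "dev-a", "install",       "com.example.game",      "store"),
    (40,   "dev-a", "install",       "com.example.activator", "dropped_by:com.example.game"),
    (55,   "dev-a", "sms_sent",      "com.example.activator", "+0000000000"),
    (60,   "dev-a", "uninstall_req", "com.example.activator", ""),
    (10,   "dev-b", "install",       "com.example.chat",      "store"),
    (90,   "dev-b", "sms_sent",      "com.example.chat",      "+15550100"),
    (5,    "dev-c", "install",       "com.example.tool",      "dropped_by:com.example.app"),
    (9000, "dev-c", "sms_sent",      "com.example.tool",      "+0000000000"),
]

HOME_PREFIX = "+1"   # assumed home country prefix for this fleet
WINDOW = 600         # assumed correlation window, in seconds


def find_dropper_chains(events, home_prefix=HOME_PREFIX, window=WINDOW):
    """Flag packages that were dropped by another app and then sent an
    international SMS within `window` seconds of being installed.
    A later uninstall request from the same package is recorded as
    self_removal, matching the clean-up step in the write-up."""
    dropped = {}    # (device, package) -> (install time, parent package)
    findings = {}   # (device, package) -> finding
    for ts, device, event, package, detail in sorted(events):
        key = (device, package)
        if event == "install" and detail.startswith("dropped_by:"):
            dropped[key] = (ts, detail.split(":", 1)[1])
        elif event == "sms_sent" and key in dropped:
            installed_at, parent = dropped[key]
            international = not detail.startswith(home_prefix)
            if international and ts - installed_at <= window:
                findings[key] = {"device": device, "package": package,
                                 "parent": parent, "number": detail,
                                 "self_removal": False}
        elif event == "uninstall_req" and key in findings:
            findings[key]["self_removal"] = True
    return list(findings.values())


if __name__ == "__main__":
    for finding in find_dropper_chains(EVENTS):
        print(finding)
```

On the sample data only dev-a is flagged: dev-b sent a domestic SMS from a store-installed app, and dev-c's SMS falls outside the correlation window.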

  • Angry Birds Space Targeted for New Android Malware LeNa

    These days malware and viruses are spreading like fire through wood, and they are growing on Android too. On Tuesday, Lookout Mobile Security, a company that protects Android, reported that the old malware named LeNa (Legacy native) has been updated to remotely root the victim’s phone without permission. The previously known LeNa malware uses an exploit called “GingerBreak”, which attempts to gain root access to an Android phone without the user’s permission. According to Tim Wyatt, an engineer at Lookout Security, the exploit, LeNa, hides in a JPG image file on the user’s phone and then communicates with the command and control center, allowing full root access to the user’s phone.

    The GingerBreak exploit attacks from alternative third-party app markets. Until now this exploit hasn’t been found in the Google Play Market. The payload is said to have appeared in Angry Birds Space, one of the most famous top 10 games. The exploit is not present in the official Angry Birds Space app; it is present in a copied version of Angry Birds Space. If you are planning to download Angry Birds Space from the Google Play Market, you will be safe, because this malware hasn’t arrived in the Play Market yet. You can be affected by downloading a version of Angry Birds Space from some other third-party market, because this exploit has reached third-party markets.

    To stay safe from all of this malware, download a good and reliable antivirus suite for your Android phone, such as Lookout Mobile Security and AVG. Be alert to malicious activity on your phone and always download apps from reliable sources and websites. Keep in mind that Android phones are subjected to different kinds of malware and viruses day by day. Android is a free development platform, which is why we encounter many viruses from time to time. These days it is not only Android phones; Apple’s Mac OS X is also being targeted with malware. These days nothing is safe. We have to keep an eye on our products. If we don’t take care of our things, we will be subjected to all of the malware and viruses released from month to month.

  • OS X Becomes the Part of Fastest Growing Botnet Flash Back Trojan

    It might sound strange, but in this post-PC era more than 600,000 Macs are infected and controlled by the Flashback Trojan. The number of infected Macs has increased from 550,000 to 600,000 in no time. This information was found by a Russian anti-virus vendor, Doctor Web, which conducted research on the spread of the Trojan BackDoor.Flashback, which affects computers running OS X.

    Systems get infected with BackDoor.Flashback.39 after a user is redirected to a bogus site from a compromised resource or via a traffic distribution system. JavaScript code is used to load a Java-applet containing an exploit. Doctor Web’s virus analysts discovered a large number of web-sites containing the code.

    We are living in a post-PC era where anything can happen at any time and without a reason. The PC era was said to be safe for some unknown time. Likewise, until a few years ago the Mac, the finest creation made by Apple, was said to be free from viruses, malware and everything else. It was also believed that making something bad for a Mac required high skills and that the procedure was very difficult. Making a virus for a PC, on the other hand, was really easy, so PCs got a high number of viruses and many PC users were affected by the rise of Trojan viruses. Now nothing is safe, not even the OS X versions running on Apple computers. A few months ago the number of viruses for OS X increased, and we came across many new ones, like the Flash virus, malware, and many more. After the viruses were confirmed, Apple pushed out updates regularly to counter these viruses and malware.

    Variations of these viruses have affected more than half a million Macs around the globe. The highest number of affected Macs is said to be in Cupertino, where Apple’s headquarters is located. The share of infected Macs in the U.S.A. is said to be 57%, whereas 20% of infected Macs are said to be in Canada and the remaining 33% in other cities.

    Over 550,000 infected machines running Mac OS X were part of the botnet on April 4. These only comprise a segment of the botnet set up by means of the particular BackDoor.Flashback modification. Most infected computers reside in the United States (56.6%, or 303,449 infected hosts), Canada comes second (19.8%, or 106,379 infected computers), the third place is taken by the United Kingdom (12.8%, or 68,577 cases of infection) and Australia with 6.1% (32,527 infected hosts) is the fourth.

    Below you can see the detailed map with the location and percentage of the infected Macs around the globe.

    Now you must be wondering how this botnet thing works. We have collected some information on botnets from Wikipedia for you. We got our hands on a picture posted on Wikipedia that explains clearly how this works. We believe that a picture is worth a thousand words.
    The method is quite simple. To make sure that you don’t get affected by the Flashback Trojan, we suggest that you check for OS X updates from time to time and stay away from links you are not familiar with. These days links of this type are among the top ways hackers inject viruses into your system.