In the midst of booming malicious applications, a peculiar one which tries to steal e-mail account and password has been found.
This malicious application is disguised as a streaming player.
Furthermore, it induces user to input his ID and password which can be leaked finally.
2. Spreading path and symptoms of infection
This malicious application can spread via various black markets and 3rd party markets and can require various permissions as following.
* Permission explanations
- android:name="android.permission.INTERNET"
- android:name="android.permission.INTERNET"
- android:name="android.permission.ACCESS_NETWORK_STATE"
- android:name="android.permission.ACCESS_WIFI_STATE"
- android:name="android.permission.READ_PHONE_STATE"
- android:name="android.permission.WAKE_LOCK"
- android:name="android.permission.INJECT_EVENTS"
- android:name="android.permission.READ_LOGS"
- android:name="android.permission.WRITE_EXTERNAL_STORAGE"
- android:name="android.permission.DUMP"
- android:name="android.permission.GET_TASKS"
- android:name="android.permission.INTERNET"
- android:name="android.permission.INTERNET"
- android:name="android.permission.ACCESS_NETWORK_STATE"
- android:name="android.permission.ACCESS_WIFI_STATE"
- android:name="android.permission.READ_PHONE_STATE"
- android:name="android.permission.WAKE_LOCK"
- android:name="android.permission.INJECT_EVENTS"
- android:name="android.permission.READ_LOGS"
- android:name="android.permission.WRITE_EXTERNAL_STORAGE"
- android:name="android.permission.DUMP"
- android:name="android.permission.GET_TASKS"
After the installation, this run icon on following figure will be generated.
Upon executing application, following run screen will appear.
This malicious application can be disguished by its layout.
Left one is Normal and Right one is Malicious version.
Following code shows that this malicious application will leak information to certain URL.
* Destination URL
http://erofolio.[~~].biz/login.php
http://erofolio.[~~].biz/login.php
Difference can be also shown in login procedure.
3. How to prevent
General users can be easily deceived by fake malicious application. This application can induce user to download and use, and leaked information can be used malicious way.
To use smartphone safely from security threats of these malicious applications, we recommend following tips "Smartphone security management tips" for general users.
Smartphone security management tips
1. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
2. Download the proven application by multiple users at all times.
3. Use mobile anti-virus SW to check downloaded application before using it.
4. Do not visit suspicious or unknown site via smartphone.
5. Try not to see MMS, text, e-mail from uncertain user.
6. Set strong password on smartphone always.
7. Turn the wireless interfaces like Bluetooth only be used.
8. Do not save important information on phone.
9. Do not try illegal customizing like rooting or jailbreak.
1. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
2. Download the proven application by multiple users at all times.
3. Use mobile anti-virus SW to check downloaded application before using it.
4. Do not visit suspicious or unknown site via smartphone.
5. Try not to see MMS, text, e-mail from uncertain user.
6. Set strong password on smartphone always.
7. Turn the wireless interfaces like Bluetooth only be used.
8. Do not save important information on phone.
9. Do not try illegal customizing like rooting or jailbreak.
INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function with nProtect Mobile for Android for mobile such as malicious file stated above and runs responding system against various security threats.
Diagnosis name
- Trojan-Spy/Android.FakeNefilix.A
it is really awesome to discover your site on the web as it really those ones who are just starting to explore the topic it outsourcing services
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteWith regards to games, the more they look genuine, a more immersive ordeal they give.click to find out more
ReplyDeleteشركة مكافحة حشرات بالرياض شركة مكافحة حشرات بالرياض
ReplyDeleteشركة عزل اسطح بالرياض شركة عزل اسطح بالرياض
شركة تنظيف بالبخار بالرياض شركة تنظيف بالبخار بالرياض
شركة تنظيف منازل بمكة شركة تنظيف منازل بمكة
شركة تنظيف منازل شمال الرياض شركة تنظيف منازل شمال الرياض
شركة تنظيف منازل شرق الرياض شركة تنظيف منازل شرق الرياض
شركات رش مبيدات بالرياض شركة رش مبيدات بالرياض
great post. thanks for sharing this information
ReplyDeleteKineMaster for pc
Free fire for pc
https://www.kinemasterforpcdownload.co/
https://www.freefirepcdownload.online/
Thank you for sharing this valuable information with us. I will return to your site and continue to share this information with us.
ReplyDeletehappy wheels 2
Really very important article for me if you are facing any technical problem with your PC or mobile you can visit us for a better solution Geek squad support provide the best technical support for all kinds of a technical problem Geek squad tech support
ReplyDeleteyou should modify the root files and edit their command to remove the error.world of warcraft down
ReplyDeleteif you are searching for the QuickBooks tech support then you are at right place.
ReplyDeleteThen you are at right place with good indeed getinkpreferred
ReplyDeleteOnline psychology essay writing services are very difficult to complete and many students are always searching for Help with Psychology Coursework Writing services to help them complete their psychology research paper writing services and psychology case study writing services.
ReplyDelete