Besides, we reported that Android malicious file spread to Korean users on Jan 6.
However, general users cannot easily notice that how malicious files are spreading. So we decided to let you know the procedure for fulfilling your knowledge about how serious it is.
[Information] Automatic detection and analysis system of malicious Android application
2. How to spread
There are various black market sites for downloading APK files in China and Russia. It means that those sites are vulnerable to be root for spreading malicious files.
INCA Internet response team developed auto detection and analysis system of Android malicious application auto detection, which can monitor various Android malicious file spreading status and update malicious file information on nProtect Mobile for ANDROID.
Following captured image is from one of Chinese Android markets. We can see famous apps in this market.
Most of those files are for normal Android program, but some of malicious files also can be downloaded.
Clicking app will lead to download page as following.
User can download with this link. And QR(Quick Response) code also works for downloading on smartphone.
Downloaded malicious files are revealed as a type of KungFu, which tries to collect various information on smartphone.
Collected information will be sent to certain host.
These files can be scanned by our nProtect Mobile for ANDROID.
There are various communities for sharing Android application and black markets. In those sites, various malicious APKs are being downloaded. We collect various numerous malicious APK files and try to update pattern. Users must maintain the latest version of Anti-Virus software.
On using computer, security update is not selectable but essential. To use PC safely from security threats of these malicious attachments, we recommend you download latest security updates and obey following "Security management tips" for general users.
INCA Internet (Security Response Center / Emergency Response Team) runs responding system against various security threats.