A
Sophos says once the malware gets on the device, what it does is communicate with a remote program to install more malware on the Android phone or tablet. Sophos says, "The Trojan horse, which Sophos detects as Andr/KongFu-L, appears to be a fully-functional version of the popular smartphone game, but uses the GingerBreak exploit to gain root access to the device, and install malicious code. The Trojan communicates with a remote website in an attempt to download and install further malware onto the compromised Android smartphone." Sophos says that the malware hides its payload in the form of two ELF files at the end of a JPG image file.
ngry Birds Space is quite the hit, it reached 10 million downloads in the first three days alone. Users may be in such a frenzy to get the game, that they may have even bought it from unofficial sources, particularly those users with Android smart devices. According to ablog post on security firm, Sophos' Naked Security page, Android users who have downloaded Angry Birds Space from unofficial Android markets are at a risk of malware on their devices. Sophos says that the version of Angry Birds Space, which is in the official Android Market (which is now Google Play) is not affected at all. They haven't noted whether the version available on the Amazon App Store is unaffected or not, however, given that the Amazon App Store is an official Android store, Angry Birds Space in that store, too, should be unaffected.
Sophos says once the malware gets on the device, what it does is communicate with a remote program to install more malware on the Android phone or tablet. Sophos says, "The Trojan horse, which Sophos detects as Andr/KongFu-L, appears to be a fully-functional version of the popular smartphone game, but uses the GingerBreak exploit to gain root access to the device, and install malicious code. The Trojan communicates with a remote website in an attempt to download and install further malware onto the compromised Android smartphone." Sophos says that the malware hides its payload in the form of two ELF files at the end of a JPG image file.
The malware essentially makes your Android device part of a botnet and it is fully under the control of malicious hackers. The cybercriminals can send your Android device instructions to download more malicious code or display URLs that they push in the phone's browser. Sophos says that they keep warning Android users to be careful downloading applications, especially in scenarios like these, where users are buying applications from unofficial Android stores. On Google Play itself, though, Android has previously implemented a program called Bouncer to help keep malware out of the market, however, Sophos found that there was still malware going around Google Play through the Facebook application.
No comments:
Post a Comment