Hello dear readers, welcome back to NewAgeInformers. I'm back with another exciting and informative post. This post is a warning to all Android users about their security, which is being compromised through their favorite apps. Yes, in this post we are going to talk about the malware named SpyDealer, which steals users' personal details from their favorite apps like Facebook, WhatsApp, Skype and so on.
As per a recent report from Palo Alto Networks, based in Santa Clara, California, a piece of Android malware is able to spy on text messages, call records and other personal details on mobile phones, and hackers use it to steal that data. These details are taken from 35 or more of the most popular applications used by Android mobile phone users, namely Facebook, WhatsApp, Skype, SnapChat and WeChat, etc. According to the researchers from Unit 42, the cyber security section of Palo Alto Networks that named the malware 'SpyDealer', it has plenty of sophisticated surveillance features like "call recording, audio files, video recording, clicking pics and also taking screenshots." The researchers said that this malware affects all Android phones running versions 2.2 to 4.4. The full report was published by the cyber security team at Palo Alto Networks 3 days ago.
Approximately 25% of devices run these versions, so around 500 million tablets and mobile phones are possibly at risk in the worst-case scenario. The malware depends on a "rooting" tool, which allows the user to control the permissions of the applications on their device. This process is known as jailbreaking. Now let me explain what jailbreaking is.
Jailbreaking is a term used in computer science which denotes the process of bypassing the digital restrictions of an operating system. It even allows changing the OS itself, if the user wants to alter it from Android to iOS. SpyDealer also misuses Android Accessibility, a feature created to assist users with disabilities, added Unit 42.
Unit 42 analyzed 1.046 separate cases and found that SpyDealer makes use of the commercial rooting app 'Baidu Easy Root' to gain root privilege and maintain persistence on the compromised device. "SpyDealer employs a wide array of mechanisms to steal private information", said Unit 42 from Palo Alto Networks. They also revealed in their report that the malware uses root privilege to access and exfiltrate sensitive data from more than 40 well-known apps. The most popular applications targeted by the attackers are Facebook, WeChat, WhatsApp, Skype, Telegram, Kik, QQ, Viber, etc. Root privilege and malicious code are what allowed the attackers to exploit these services; the services themselves are not compromised in any way.
The cyber security experts said that the stolen data may include individuals' databases, personal messages and images, chats, usernames as well as passwords. The experts also warned that SpyDealer has three versions, all of which are running on third-party app stores and also looking for Google Updates in the app. The team from Palo Alto Networks said that this malware is active on the official Google Play Store. The number of infected devices is still unknown, but some Chinese users have been affected to a greater degree due to compromised wireless networks. Like other dangerous malware, SpyDealer was designed to connect automatically to the attacker's command and control (C&C) server, a place from which the attackers can send malicious commands to the targeted device and then steal files, pictures, saved documents, passwords and usernames, call recordings, etc. This malware is so dangerous that it can automatically record a call if it senses an active one.
Thank you. Stay connected with us for more interesting and informative posts or articles by following us here:
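A device owner or administrator can check the two conditions described above, the Android 2.2 to 4.4 version range and the misuse of Android Accessibility, with a short triage script. This is an added example, not code from Unit 42 or from this blog; the allowlist, the `com.example.updater` package and the `--device` switch are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: triage helpers for the version range and the Accessibility
# misuse named in the article. Sample package names are constructed.

# Turn "major.minor[.patch]" into major*100+minor; fail on non-numeric input.
version_key() {
  vk_major=${1%%.*}
  case "$1" in
    *.*) vk_rest=${1#*.}; vk_minor=${vk_rest%%.*} ;;
    *)   vk_minor=0 ;;
  esac
  vk_minor=${vk_minor:-0}
  case "$vk_major$vk_minor" in
    ''|*[!0-9]*) return 1 ;;
  esac
  echo $(( vk_major * 100 + vk_minor ))
}

# Succeeds when the release lies in the 2.2-4.4 range given in the article;
# returns 2 when the release string cannot be parsed.
in_affected_range() {
  ia_key=$(version_key "$1") || return 2
  [ "$ia_key" -ge 202 ] && [ "$ia_key" -le 404 ]
}

# $1: value of the secure setting enabled_accessibility_services
#     ("pkg/class:pkg/class", or "null" when nothing is enabled)
# $2: space-separated allowlist of package names (assumption: you maintain it)
# Prints every enabled package that is not on the allowlist.
unexpected_a11y_services() {
  case "$1" in ''|null) return 0 ;; esac
  echo "$1" | tr ':' '\n' | while IFS= read -r ua_svc; do
    ua_pkg=${ua_svc%%/*}
    case " $2 " in
      *" $ua_pkg "*) ;;
      *) echo "$ua_pkg" ;;
    esac
  done
}

# Optional live check over adb (the `settings` tool needs Android 4.2+).
if [ "${1:-}" = "--device" ]; then
  rel=$(adb shell getprop ro.build.version.release | tr -d '\r')
  if in_affected_range "$rel"; then echo "Android $rel: inside 2.2-4.4"
  else echo "Android $rel: outside 2.2-4.4 or not a numeric release"; fi
  a11y=$(adb shell settings get secure enabled_accessibility_services | tr -d '\r')
  unexpected_a11y_services "$a11y" "com.google.android.marvin.talkback"
fi
```

Any package it prints is an accessibility service the owner did not allowlist and should review before trusting the device.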
Instagram: @new_age_informers
Twitter: @NewAgeInformers
