XCLUB-COOL STUFF AROUND YOU

 找回密码
 Register
查看: 466|回复: 0
打印 上一主题 下一主题

new virus to attack on mobile devices

[复制链接]

1

主题

54

帖子

55

积分

Jade Star LV2

sign star1sign star2sign star3

跳转到指定楼层
#1
发表于 2019-10-09 19:10:55 来自手机 | 只看该作者 |只看大图 回帖奖励 |倒序浏览 |阅读模式
In the Wachowski Brothers’ classic Matrix trilogy, “Agent Smith” famously describes the human race as a species that multiplies until every resource is consumed. In reality, it is the “Agent Smith” of the mobile malware world that is the real virus – and is spreading at alarming rates.[br]Check Point Researchers recently discovered a new variant of mobile malware that has quietly infected around 25 million devices, while the user remains completely unaware. Disguised as a Google related application, the core part of the malware exploits various known Android vulnerabilities and automatically replaces installed apps on the device with malicious versions without the user’s interaction.[br]Agent Smith” has primarily three phases in its attack flow.[br][br] [br][br]In the first phase, the attacker lures users to download a dropper application from an app store such as 9Apps. These droppers are usually disguised as free games, utility applications or adult entertainment applications, yet contain an encrypted malicious payload. The dropper application then checks if any popular applications, such apps include WhatsApp, MXplayer, ShareIt and more from the attacker’s pre-determined list, are installed on the device. If any targeted application is found, “Agent Smith” will then attack those innocent applications at a later stage.[br][br] [br][br]In the second phase, after the dropper gains a foothold on victim device, it automatically decrypts the malicious payload into its original form – an APK (Android installation file) file which serves as the core part of “Agent Smith’s attack. The dropper then abuses several known system vulnerabilities to install the core malware without any user interaction at all.[br]In the third phase, the core malware conducts attacks against each installed application on device which appears on its target list. The core malware quietly extracts a given innocent application’s APK file, patches it with extra malicious modules and finally abuses a further set of system vulnerabilities to silently swap the innocent version with a malicious one.[br] [br][br][br][br]
回复

使用道具 举报

高级模式
B Color Link Quote Code Smilies |上传

本版积分规则

Infinix Official Website|Infinix official mall|infinix Note 4|XCLUB-COOL STUFF AROUND YOU

GMT+8, 2024-11-15 06:08 , Processed in 0.035784 second(s), 22 queries .

Powered by Discuz! X3.4

© 2001-2017 Comsenz Inc.

快速回复 返回顶部 返回列表