The security reputation of the Google Android platform has been rocked once again, this time with reports that a fake Google security tool containing a trojan has been circulated.
Ironically, the legitimate version of the utility – Android Market Security Tool – was pushed by Google earlier this month in response to the infections of the DroidDream malware.
As previously reported by Infosecurity, these infections stemmed from the download of infected versions of previously legitimate apps from the Android Market, the online store maintained by Google for smartphone users.
Hackers have subverted the patch/security tool by infecting it with the Android.Bgserv trojan, Infosecurity understands.
According to Mario Ballano, a Symantec security researcher, the fake Google security tool appears to have originated from a Chinese third-party apps website.
The trojan, he reports, seems to be able to send SMS messages if instructed by a command-and-control server located at hxxp://www.youlubg.com:81/Coop/request3.php.
"Analysis of the application is still ongoing, however, what is shocking is that the threat's code seems to be based on a project hosted on Google Code.
See the ful article
http://www.infosecurity-us.com/view/16578/android-users-hit-by-trojan-hidden-inside-fake-google-security-tool/?utm_source=twitterfeed&utm_medium=twitter
-Dario
As previously reported by Infosecurity, these infections stemmed from the download of infected versions of previously legitimate apps from the Android Market, the online store maintained by Google for smartphone users.
Hackers have subverted the patch/security tool by infecting it with the Android.Bgserv trojan, Infosecurity understands.
According to Mario Ballano, a Symantec security researcher, the fake Google security tool appears to have originated from a Chinese third-party apps website.
The trojan, he reports, seems to be able to send SMS messages if instructed by a command-and-control server located at hxxp://www.youlubg.com:81/Coop/request3.php.
"Analysis of the application is still ongoing, however, what is shocking is that the threat's code seems to be based on a project hosted on Google Code.
See the ful article
http://www.infosecurity-us.com/view/16578/android-users-hit-by-trojan-hidden-inside-fake-google-security-tool/?utm_source=twitterfeed&utm_medium=twitter
-Dario
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.