Even if some malware families never cause damage worldwide, it is still sometimes interesting to read about the new techniques malware writers use to create these threats. One of the most recent cases involves a family that targets Android devices within Chinese territory; it was discovered by a Symantec researcher and named Android.Spywaller.
The highlight of this new threat is that, during infection, the malware takes the form of Qihoo 360, a security app very popular among Chinese Android users. What Android.Spywaller does is use a firewall to block Qihoo 360's internal communications. The malware looks up and registers on the device the same UID (unique identifier) used by the Qihoo 360 app, then loads a binary file named DroidWall, which is a version of the UNIX iptables package modified to work on Android devices.
Android Malware Poses As Google App To Ditch Security Apps
The iptables package is a well-known firewall utility for Linux systems, and DroidWall was developed by independent researchers, who later sold it to AVAST in 2011. Since the app spent several years as public free software, malware authors can still find it in repositories on Google Code or GitHub.
As in the case of Android.Spywaller, DroidWall can be used to block security apps so that they cannot communicate with their cloud threat-analysis servers. This renders the apps completely useless and gives the malware free rein to access any part of the device.
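A detection-side illustration of the technique described above (an added example, not code from Symantec or the original article): it cross-references Android's packages.list UID mapping with iptables-save output and flags owner-match rules that drop or reject a watched security app's traffic. The sample data, the chain name fw-reject, UID 10087 and the watch list are constructed assumptions.

```python
import re
import shlex

# Constructed sample data (not from the article): Android packages.list lines
# ("<package> <uid> ...") and iptables-save output containing a per-UID block.
PACKAGES_LIST = """\
com.qihoo360.mobilesafe 10087 0 /data/data/com.qihoo360.mobilesafe default 3003
com.example.notes 10091 0 /data/data/com.example.notes default none
"""
IPTABLES_SAVE = """\
*filter
:OUTPUT ACCEPT [0:0]
:fw-reject - [0:0]
-A OUTPUT -m owner --uid-owner 10087 -j fw-reject
-A OUTPUT -m owner ! --uid-owner 10091 -j ACCEPT
-A fw-reject -j REJECT --reject-with icmp-port-unreachable
COMMIT
"""
# Assumption: packages whose traffic should never be firewalled on this device.
WATCHED = {"com.qihoo360.mobilesafe"}
TERMINAL_BLOCKS = {"DROP", "REJECT"}
UID_MATCH = re.compile(r"(!\s+)?--uid-owner\s+(\d+)")

def parse_rules(dump):
    """Yield (chain, target, is_unconditional, line) for each '-A' rule."""
    for line in dump.splitlines():
        tokens = shlex.split(line)
        if tokens and tokens[0] == "-A" and "-j" in tokens[:-1]:
            target = tokens[tokens.index("-j") + 1]
            yield tokens[1], target, tokens[2] == "-j", line

def blocking_targets(dump):
    """DROP/REJECT plus user chains whose rule drops or rejects with no match."""
    targets = set(TERMINAL_BLOCKS)
    for chain, target, unconditional, _line in parse_rules(dump):
        if unconditional and target in TERMINAL_BLOCKS:
            targets.add(chain)
    return targets

def find_blocked_apps(packages_list, dump, watched=WATCHED):
    """Return (package, uid, rule) for owner-match rules blocking a watched app."""
    rows = (r.split() for r in packages_list.splitlines())
    uid_to_pkg = {int(f[1]): f[0] for f in rows if len(f) >= 2 and f[1].isdigit()}
    blocks, hits = blocking_targets(dump), []
    for _chain, target, _uncond, line in parse_rules(dump):
        m = UID_MATCH.search(line)
        # A negated match ("! --uid-owner N") does not single out that UID.
        uid = int(m.group(2)) if m and not m.group(1) else None
        if target in blocks and uid_to_pkg.get(uid) in watched:
            hits.append((uid_to_pkg[uid], uid, line))
    return hits
```

On a device, the two inputs would come from the package manager's UID list and a dump of the live filter table rather than the embedded strings.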
Android.Spywaller infects devices to impersonate a Google app
Researchers at Symantec said the malware is not a very common infection among US and Chinese users, so there is not much to worry about for now. For users who have been affected, the malware poses as a Google app by the name of Google Service. In this case it takes advantage of the fact that there is no official Google Play store in the country to check against.
It spreads through unofficial Android app stores and tricks users into granting it administrator permissions. Android.Spywaller then keeps running in the background on the device, stealing information about the device and uploading it to one of its own servers.
One of the largest Android spyware families discovered
Symantec reports that the app searches for and exfiltrates data such as call history, SMS, GPS readings, browser data, emails, radio, pictures and contact lists. Furthermore, the app also gathers information from other apps such as BlackBerry Messenger, QQ, SinaWeibo, Skype, Talkbox, TencentWeibo, Voxer, WeChat, WhatsApp and Zello, among others.
Researchers say Android.Spywaller is one of the most invasive spyware families discovered for Android devices, because the malware covers many very different types of information and information sources at the same time.