Regardless of how much damage a malware family does worldwide, it is still sometimes interesting to read about the new techniques that malware writers use to create these threats. One of the most recent cases involves a family that targets Android devices within Chinese territory, which was discovered by Symantec researchers and named Android.Skywalker.
The highlight of this new threat is that, during infection, the malware takes the form of Qihoo 360, a top-rated security app among Chinese Android users. What sets Android.Skywalker apart is its use of a firewall to block the internal communications of Qihoo 360. The malware looks for the UID (unique identifier) used by the Qihoo 360 app and is recorded on the device under that same UID, then loads a binary file named DroidWall, which is a version of the UNIX package iptables, modified to work on Android devices.
Android Malware Poses As Google App To Ditch Security Apps
The iptables package is a well-known firewall utility for Linux systems, and DroidWall was developed by independent researchers, who later sold it to AVAST in 2011. Since this app spent several years as public free software, malware authors can still find it in repositories on Google Code or GitHub.
As in the case of Android.Skywalker, DroidWall can be used to block security apps so that they cannot communicate with their cloud threat-analysis servers, which makes those apps completely useless and gives the malware free rein to access any part of the device.
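A defender's check for the blocking technique described above, as an added example that is not from Symantec's report or the original article: it scans a saved `iptables -S` dump for owner-match (`--uid-owner`) rules that end in DROP or REJECT and maps each UID back to a package using `packages.list`. The package name, UIDs, chain names and both sample dumps are constructed for illustration.

```python
import re

SECURITY_APPS = {"com.qihoo360.mobilesafe"}  # assumed watch list, not from the article

# Constructed excerpt of /data/system/packages.list: "<package> <uid> ..."
PACKAGES_LIST = """\
com.qihoo360.mobilesafe 10087 0 /data/data/com.qihoo360.mobilesafe default 3003
com.example.notes 10102 0 /data/data/com.example.notes default none
"""

# Constructed `iptables -S` dump; the chain names are made up for this example.
IPTABLES_RULES = """\
-P OUTPUT ACCEPT
-N fw-apps
-N fw-reject
-A OUTPUT -j fw-apps
-A fw-apps -m owner --uid-owner 10087 -j fw-reject
-A fw-apps -m owner --uid-owner 10102 -j RETURN
-A fw-reject -j REJECT --reject-with icmp-port-unreachable
"""

def uid_map(packages_list):
    """Map numeric UID -> list of package names sharing it."""
    out = {}
    for parts in (line.split() for line in packages_list.splitlines()):
        if len(parts) >= 2 and parts[1].isdigit():
            out.setdefault(int(parts[1]), []).append(parts[0])
    return out

def blocking_targets(rules):
    """DROP/REJECT plus any chain that jumps unconditionally to a blocking target."""
    blocking, changed = {"DROP", "REJECT"}, True
    while changed:
        changed = False
        for m in re.finditer(r"^-A (\S+) -j (\S+)", rules, re.M):
            if m.group(2) in blocking and m.group(1) not in blocking:
                blocking.add(m.group(1))
                changed = True
    return blocking

def blocked_apps(rules, packages_list):
    """(uid, package, chain) for each per-UID rule whose target blocks traffic."""
    uids, blocking, hits = uid_map(packages_list), blocking_targets(rules), []
    for line in rules.splitlines():
        m = re.match(r"-A (\S+) .*--uid-owner (\d+)\b.* -j (\S+)", line)
        if m and "! --uid-owner" not in line and m.group(3) in blocking:
            for pkg in uids.get(int(m.group(2)), ["<unknown>"]):
                hits.append((int(m.group(2)), pkg, m.group(1)))
    return sorted(hits)

if __name__ == "__main__":
    for uid, pkg, chain in blocked_apps(IPTABLES_RULES, PACKAGES_LIST):
        flag = "SECURITY APP" if pkg in SECURITY_APPS else "app"
        print(f"{flag}: {pkg} (uid {uid}) blocked in chain {chain}")
```

Only numeric UIDs are handled; negated owner matches are skipped because they describe an allow-list rather than a block on one app.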
Android.Skywalker infects devices by impersonating a Google app
Researchers at Symantec said the malware is not a very common infection among US and Chinese users, so there is not much to worry about for now. For users who have been affected, the malware poses as a Google app named Google Service. In this case it takes advantage of the fact that there is no official Google Play store in the country against which users could check.
It spreads through unofficial Android app stores and tricks users into granting it administrator permissions. Android.Skywalker then continues its work in the background on the device, stealing information about the device and uploading it to one of its servers.
One of the largest Android spyware families discovered
Symantec reports that the app will search for and exfiltrate data such as call history, SMS, GPS readings, browser data, emails, radio, pictures, and contact lists. Furthermore, the app also gathers information from other apps such as BlackBerry Messenger, QQ, Sina Weibo, Skype, Talkbox, Tencent Weibo, Voxer, WeChat, WhatsApp, and Zello, among others.
Researchers say Android.Skywalker is one of the most intrusive spyware families discovered for Android devices, because the malware covers many very different types of information and information sources at the same time.