Recently, the Android devices are being targeted by a new version of the malware and its main aim is to obtain permissions to root the device in order to get full control of the device.
Android Devices Under Attack As New Malware Can Root Devices & Steal Passwords
Alternative stores for Android are more dangerous than they may seem at first glance. If you have ever gone to them, you will have found that besides having paid applications pirated, find official apps that lead one to wonder why it is there, if they are already available officially on the Google Play Store.
Mainly, one of the reasons is that there are Android devices that do not have the Play Store installed as standard and many users do not want to install it, resorting to these alternative markets. The problem is that when you download one of these applications have no guarantee that the application you are downloading is free of malware if you do not have an antivirus. The problem is that a new malware can even delete the antivirus if it manages to obtain superuser permissions.
This lack of control is what which has taken a new version of malware Tordow, arriving in version 2.0. Although in principle the majority of attacks of this malware are being located in Russia, it is possible to end up reaching other parts of the world.
Security firm Comodo discovered the Tordow 2.0 which is a banking trojan designed for Android, and its goal is to obtain permissions to root the device in order to get full control of the device. Once achieved root permissions, the Trojan can make phone calls, monitor SMS, download and install applications, steal credentials, access the list of contacts, visiting websites, impersonating interfaces banking applications, remove the antivirus, restart the device, and even rename and encrypt files and can act as ransomware.
For malware to infect the computer, the user must install an infected application. But, Tordow 2.0 hides in the applications of alternative app stores that are often popular to download paid applications for free, so the main recommendation to avoid infection is to not use them and only download apps from the Google Play Store.
The malware is difficult to detect because its creators catch real applications, make them reverse engineering, adds malware and recompiled into new applications that rise to alternative stores. Among the names and applications are Subway Surfers, Pokémon Go and Telegram.
Removing Tordow 2.0 on a mobile is very complicated, since once you have root permissions, malware can block any attempt to delete. The only option is to flash a new firmware to generate an installation from scratch on the mobile.