1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

New Android Virus Extracts Your Facebook, Skype, Telegram Messages

Discussion in 'Mobile Phones & Devices' started by starbuck, Apr 3, 2018.

  1. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Security company warns of new Android malware in the wild

    8128e95c8506cbd0612a69b07d63fb7a.jpg

    Android devices are being targeted by a new form of malware that is specifically aimed at stealing private conversations on IM applications like Facebook Messenger, Skype, Telegram, Twitter, Viber, and others.

    The malware, which was detected by Trustlook (via FossBytes), has the capabilities to modify the “/system/etc/install-recovery.sh” file in order to start at every boot, thus making sure that it can extract instant messaging data even if the device is restarted.

    The first infected application is called Cloud Module and is spreading in China as package name com.android.boxa.
    It hasn’t yet reached the Google Play Store, and most likely the malware is supposed to target devices using non-store distribution tactics, such as email and downloads from third-party hosting sites.

    Chats uploaded to remote server

    In other words, Android users who only install apps from the Google Play store should be safe.
    While Android security solutions could detect the Trojan, Trustlook warns that the malware was designed to avoid detection, including anti-emulator and debugger detection techniques that make it possible to bypass dynamic analysis.

    Code obfuscation/hiding increases the malware author’s ability to avoid detection and becomes a sophisticated challenge to anti-virus software,” Trustlook notes in its analysis

    Once the malware manages to compromise an Android device, it automatically looks for conversations in the said applications.
    The data is extracted and then sent to a remote server.
    The security vendor says the server’s IP address is mentioned in the malware configuration file, allowing the Trojan to operate without any further command send by the author.

    The full list of instant messaging apps that are being targeted by the malware is available below, and keep in mind that as long as you stick with legitimate download sources for Android apps, this new form of malware is highly unlikely to compromise your device.
    Also, if you’re running third-party security software, updating it should help block any possible intrusion.

    256716d855cc619660a492bd8a390332.png


    Source:
    http://news.softpedia.com/news/new-...facebook-skype-telegram-messages-520531.shtml
     
    Tony D likes this.
  2. bob12a

    bob12a Senior Member

    Joined:
    Aug 14, 2009
    Messages:
    857
    Location:
    uk
    Operating System:
    Windows 7
    Computer Brand or Motherboard:
    MEDIONPC MS-7204
    CPU:
    3.00 gigahertz Intel Pentium D 16 kilobyte primary memory cache 1024 kilobyte secondary memory cache
    Memory:
    3072 Megabytes Installed Memory Slot 'A0' has 512 MB Slot 'A1' has 512 MB Slot 'A2' has 512 MB Sl
    Hard Drive:
    910.14 Gigabytes Usable Hard Drive Capacity 376.83 Gigabytes Hard Drive Free Space
    Power Supply:
    NVIDIA GeForce 6700 XL [Display adapter] Samsung SyncMaster [Monitor] (22.0"vis, s/n HS2P405617, A
    Thanks for info Peter I was thinking of using twitter to ask questions on by bank account
    Bob12a
     
  3. Tony D

    Tony D Administrator Administrator

    Joined:
    Sep 25, 2009
    Messages:
    5,112
    Location:
    SE Pennsylvania, USA
    Operating System:
    Windows XP Professional
    It never stops ...
     

Share This Page