January 2016 mobile malware review from Doctor Web

Virus reviews | Threats to mobile devices | All the news
[% DEFAULT FILE_REVIEW = ''; NAME_SOME_ARRAY_IN_MACROSNAME = [ { box => "Overview" }, { box => "Threat of the month" }, { box => "Statistics" }, { box => "Firmware Trojans" } ] # FILE_REVIEW = 'https://st.drweb.com/static/new-www/news/2016/mob_review_jan_2016.pdf' %] [% BLOCK global.tpl_blueprint.content %]

January 29, 2016

PRINCIPAL TRENDS IN JANUARY

  • Detection of a large number of Trojans on Google Play
  • Detection of yet another Trojan on the Android device’s firmware

Mobile threat of the month

Google Play is still considered to be the most secure app store for Android devices’ users. However, virus makers continue their attempts to incorporate malicious programs into Google Play applications. Thus, in January 2016, more than 60 games were affected by a Trojan. Doctor Web security researchers dubbed it Android.Xiny.19.origin. The main threat of this Trojan lies in its capability to download and run arbitrary apk files upon cybercriminals’ command. Besides, Android.Xiny.19.origin can download applications, prompt a user to install different software, and display annoying advertisements. For more information about this incident, refer to the news article.

According to Dr.Web for Android

По данным антивирусных продуктов Dr.Web для Android #drweb

  • Adware.WalkFree.1.origin
    An unwanted program module that is incorporated into the Android applications and is responsible for advertising on mobile devices.
  • Android.Backdoor.279.origin
    A Trojan that performs different malicious functions upon cybercriminals’ command.
  • Adware.Leadbolt.12.origin
    An unwanted program module that is incorporated into the Android applications and is responsible for advertising on mobile devices.
  • Adware.Airpush.31.origin
    An unwanted program module that is incorporated into the Android applications and is responsible for advertising on mobile devices.
  • Android.MulDrop.84.origin
    A Trojan designed to distribute and install other malware on Android mobile devices.

Firmware Trojans

More and more users suffer from Trojans that virus makers incorporate into firmware of Android devices. In January, Doctor Web specialists registered yet another such-like malicious program. In particular, they discovered that some of Philips s307 smartphones came with a pre-installed Trojan named Android.Cooee.1. This Trojan was initially detected in October 2015, but that time it infected only low-end smartphones. Android.Cooee.1 can covertly download and install software and display advertisements. Shortly after the Trojan was found, Philips released a firmware update. Thus, to get rid of the malicious program, users are recommended to update the operating system of their devices. For more information about this incident, refer to the article published by Doctor Web.

Protect your Android device with Dr.Web now

Buy online Buy via Google Play Free of charge

[% END %]
Latest All news