October 31, 2016
October was uneventful in terms of information security and began with the emergence of a new Trojan that uses infected Android devices as proxy servers.
PRINCIPAL TRENDS IN OCTOBER
- Detection of Android Trojans on Google Play
Mobile threat of the month
In the beginning of October, a new Trojan, Android.SockBot.1, was found by Doctor Web’s security researchers on Google Play. This malware program was incorporated into applications containing game walkthroughs and some homegrown game modifications and add-ons. Once installed, Android.SockBot.1 covertly connects to the Internet and transforms a mobile device into a proxy server. This technique helps cybercriminals anonymously connect to remote computers and other machines that have an Internet connection. In addition, they can intercept and redirect network traffic, steal private information, and perform DDoS attacks on web servers.
According to statistics collected by Dr.Web for Android
- Android.Banker.70.origin
- Android.Xiny.26.origin
Trojans that get root privileges, copy themselves into the system directory, and then download various applications without the user’s knowledge. They can also display annoying advertisements. - Android.BankBot.139.origin
Trojans designed to steal login credentials in order to access online banking applications. They also steal money from the bank accounts of Android device owners. - Android.Mobifun.7
A Trojan designed to download Android applications. - Android.Backdoor.471.origin
A Trojan that covertly performs different malicious functions at the command of cybercriminals.
- Adware.Airpush.31.origin
- Adware.Leadbolt.12.origin
- Adware.WalkFree.1.origin
- Adware.WalkFree.2.origin
- Adware.Appsad.3.origin
An unwanted program module that is incorporated into Android applications and is responsible for displaying annoying ads on mobile devices.
Malware Trojans for Android can still bypass improved security and infiltrate applications published on Google Play. Doctor Web strongly advises users to download applications created by reliable developers and to make sure that a downloaded program is not a fake. Dr.Web for Android products can securely protect Android devices from malicious and unwanted software.
