October 31, 2016
October was uneventful in terms of information security and began with the emergence of a new Trojan that uses infected Android devices as proxy servers.
In the beginning of October, a new Trojan, Android.SockBot.1, was found by Doctor Web’s security researchers on Google Play. This malware program was incorporated into applications containing game walkthroughs and some homegrown game modifications and add-ons. Once installed, Android.SockBot.1 covertly connects to the Internet and transforms a mobile device into a proxy server. This technique helps cybercriminals anonymously connect to remote computers and other machines that have an Internet connection. In addition, they can intercept and redirect network traffic, steal private information, and perform DDoS attacks on web servers.
Malware Trojans for Android can still bypass improved security and infiltrate applications published on Google Play. Doctor Web strongly advises users to download applications created by reliable developers and to make sure that a downloaded program is not a fake. Dr.Web for Android products can securely protect Android devices from malicious and unwanted software.