PRINCIPAL TRENDS IN NOVEMBER
- Unwanted Android adware activity
- Detection of a new dangerous Trojan for iOS
The page may not load correctly.
December 1, 2015
In November, Doctor Web security researches detected an unwanted Android application designed for mobile advertising—Adware.AnonyPlayer.1.origin. It was distributed by virus makers with the help of Android.Spy.510 and was disguised as a program that should supposedly ensure a user`s anonymity. Once installed, Adware.AnonyPlayer.1.origin prompts the victim to allow it the use of Accessibility Service. If the malware gets such privileges, it immediately starts to monitor all the launched programs on the device. In case the Trojan does not find a program on a special list, Adware.AnonyPlayer.1.origin shows an advertisement on top of the opened application. It should be noted that the module starts performing its malicious activities not right after the installation but some time later. As a result, the user may think that it is the launched application that is responsible for annoying notifications, while Adware.AnonyPlayer.1.origin is clear of suspicion. You can find more information about this incident by referring to the review published by Doctor Web.
The number of entries for unwanted adware in Dr.Web virus database
In November, security researchers detected a huge number of dangerous malicious programs for Android devices which block mobile system running and demand a ransom to unlock the device.
The number of entries for Android ransomware in Dr.Web virus database
Last month, cybercriminals were still trying to steal money from mobile devices users` bank accounts by employing various banking Trojans. In November, Doctor Web security researchers detected five new malicious programs of the Android.Banker family, as well as three new Android.Banker modifications.
The number of entries for banking Trojans of the Android.Banker family in Dr.Web virus database
The number of entries for banking Trojans of the Android.BankBot family in Dr.Web virus database
Among the detected malicious Android applications, a large number of SMS Trojans were found. Such Trojans are dangerous, because they covertly send text messages to short premium numbers and subscribe mobile operators’ clients to chargeable services.
The number of entries for SMS Trojans of the Android.SmsSend family in the Dr.Web virus database
In November, Doctor Web specialists detected one of IPhoneOS.Trojan.XcodeGhost modifications that was added to Dr.Web virus database as IPhoneOS.Trojan.XcodeGhost.8. This malware can gather confidential data about the compromised iOS device, display fake dialog windows in order to carry out phishing attacks, and automatically open links specified by virus makers.