Android malware spreading through Google’s AdSense network


android-malware-02_story

Neowin.net | Justin Luna | Aug 16, 2016

A group of security researchers have recently discovered a new strain of malware targeting the Android operating system by Google, which also uses its advertising network AdSense to spread itself.


1Mikhail Kuzin and Nikita Buchka of Kaspersky Solutions found the banking Trojan, which was dubbed ‘Trojan-Banker.AndroidOS.Svpeng.q.’ The malware is out to steal banking and other financial information from innocent people on the internet, by means of phishing or other related methods. It also has the ability to read and delete text messages sent by banks to their clients.

It was found that the malware can actually be contracted via AdSense, Google’s own advertising network. What is also very alarming is that millions of websites on the internet, from news sites, to the smallest blog websites utilize the network, in order to monetize their content. Moreover, Svpeng is downloaded automatically as soon as the page with the advertisement is visited.

The Kaspersky researchers found the malware on state-owned news company Russia Today (RT), as well as the Meduza news portal. In light of the discovery, the latter has already disabled AdSense advertising on their pages. Svpeng will disguise itself as a browser update, shown on the screenshot, in order to trick users into thinking that the download is safe.

good_morning_android_eng_2Once installed, the malware disappears from the list of installed apps, and then it will request administrator rights. This privilege will make it harder for antivirus to terminate the malicious program. The researchers stated:

Svpeng can steal information about the user’s bank cards via phishing windows, intercept, delete, and send text messages (this is necessary for attacks on remote banking systems that use SMS as a transport layer). Also, the malware can counteract mobile security solutions that are popular in Russia by completeing [sic] their processes.

Lastly, the malware can reportedly collect personal information such as call history, contacts, text and multimedia messages, as well as browser bookmarks.

While we do sometimes tend to install Android applications using raw .APK files, due to some circumstances, we strongly advise our readers to be careful with what they download online. Users can also disallow the installation of third-party apps on their devices, in order to avoid getting infected with malicious software in the future.

Source:

Iklan

Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s

%d blogger menyukai ini: