By hiding a malware behind an adware, malicious developers have managed to bypass security systems and infect thousands of users in thirtee...
By hiding a malware behind an adware, malicious developers have managed to bypass security systems and infect thousands of users in thirteen countries.
Malware are these who can be detected and eradicated quickly enough on our IT platforms. However, it is sufficient that the malware can be transferred by someone else, and the task become more complicated.
The adware that hides the forest
This is the case of Gunpoder, new malware, not to mention new family of malware, which spreads for some time via the third application stores on Android. He was spotted particularly in a fully functional open source NES emulator. The modified application integrates an aggressive ad network called Airpush, which is talked about for several years now.The problem is that malicious developers have hidden adware malware part in the game. Thus, the collection of device information (ID, models, etc.), the user data and the communication with the server of the attacker are hidden. While security solutions said it is a "simple" adware.
"We believe that the author of the malware intentionally added Airpush library as a scapegoat, so that all malicious behaviors are allocated to this library", says the report of the security company Palo Alto Networks which lifted the wolf .
Because unlike adware, Gunpoder has a real criminal activity. It is used for the shipment of premium SMS, for example.
As wildfire
And if the player does not want to pay, it is suggested that he send an SMS via a Google short URL . The malware spreads so quickly. It spreads from one smartphone to another via a simple SMS sent to contact the person whose device is contaminated.
Already spotted in thirteen countries, Gunpoder comes in three variants, identified by teams from Palo Alto Networks. Security researchers believe that the collection of information could be used to prepare future phishing attacks.
So now do not install any application from Alternative stores, and be careful what you install on your smartphone or Android tablet, the only solution would be spared to live in China. When the malware detects that the user is in this country, surprisingly, it does not run!!
