New Android Trojan masquerades the Google Play Store App
Researchers at Cisco Talos has discovered a new trojan that is labelled as "Google Played" and the icon looks the same as Google Play Store icon. The researchers note that the trojan is having almost all the access from the installed android device. It has capability to load plugins from another source and injects the new .NET code in the device.
The researchers also note that the Trojan is “extremely powerful” as it has the capability to “adapt after it is deployed”.
Every Mobile Users should be aware of these kind of issues. This Trojan load the Malicious Scripts at the run time and gives reverse connection to the attacker. When it is activated, the trojan starts executing the multiple tasks and will try to establish a connection to the attacker by its own commands.
This is done by requesting all privileges on the device and asking the user to allow the trojan in device setting. Cisco Talos researchers say that the trojan seems to be in the final stages of testing. This trojan is using the Xamarin environment for mobile applications. The main DLL with the name "Reznov.DLL." has one root class called "eClient," which is the main class of the Trojan. The second DLL called 'eCommon.DLL, the "eCommon" file contains support code and structures. Its code is platform independent.
With over 215 billion emails exchanged every day, it is no wonder that email is the most vulnerable threat vector. We are all aware of increased ransomware and credential phishing. As per multiple research and reports, almost 91% of cybercrimes start with an email, and with migration of email service on the cloud it is easy to understand that standard anti-spam and anti-virus protection is not enough! Disruption can come from anywhere, even from outside of your industry.
Almost all Mobile Trojans can access user's confidential information from the android device like users geo locations, key strokes, stored credit card details in the browsers, phone call recording and many more. On internet there are millions of websites which have trojans to infect user's mobile device so that they can access confidential information. Users in that case should not visit malicious websites on the internet.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.