Σύμφωνα με την Kaspersky που το ανακάλυψε η κακόβουλη Android εφαρμογή, που δήθεν απελευθερώνει μνήμη στο smartphone. μόλις εγκατασταθεί το μολύνει κάνοντας δυνατά όλα τα παρακάτω :
- Sending SMS messages.
- Enabling Wi-Fi.
- Gathering information about the device.
- Opening arbitrary links in a browser.
- Uploading the SD card’s entire contents.
- Uploading an arbitrary file (or folder) to the master’s server.
- Uploading all SMS messages.
- Deleting all SMS messages.
- Uploading all the contacts/photos/coordinates from the device to the master
Ο τρόπος που προσπαθεί να διαδωθεί δεν είναι ιδιαίτερα εξεζητημένος όπως τον περιγράφει η Kaspersky.
Generally speaking, saving autorun.inf and a PE file to a flash drive is one of the most unsophisticated ways of distributing malware. At the same time, doing this using a smartphone and then waiting for the smartphone to connect to a PC is a completely new attack vector. In the current versions of Microsoft Windows, the AutoRun feature is disabled by default for external drives; however, not all users have migrated to modern operating systems. It is those users who use outdated OS versions that are targeted by this attack vector.
Thus, a typical attack victim is the owner of an inexpensive Android smartphone who connects his or her smartphone to a PC from time to time, for example, to change the music files on the device. Judging by the sales statistics for Android smartphones, I would say that such people are quite numerous. For the attack to be more successful, it only lacks a broader distribution scheme.
Το κακόβουλο app είχε το όνομα DroidCleaner ενώ υπήρχε και το "δίδυμο" του Superclean.
0 σχόλια:
Δημοσίευση σχολίου