ESET security researchers have discovered a new and dangerous application (Trojan) that targets Android devices by downloading and installing malicious software. The trojan, which was detected by ESET's security software as Android / TrojanDownloader.Agent.JI, spreads through broken websites and appears as an update to Flash Player.
This is one of the threats to Android that will be presented by ESET in Mobile World Congress.
Once installed, malicious software creates a false service on Android to save battery power by prompting the victim to give her access to the Android Accessibility features. If the user authorizes the "Monitor your shares », who are "Retrieve window happy» and "Turn on Explore by touch» the attacker can imitate the actions of the user by displaying what he wants on the screen.
« In cases we investigated, this trojan was created to download another trojan which was designed to earmark money from bank accounts. However, only a small change to the code would mean the infection with the user spyware ή ransomware» warns ESA's Malware Researcher Lukáš Štefanko, head of analysis.
The main indication that a device has been infected with malware is the presence of the "Saving Battery" option among the services in the Accessibility menu. In such a case, the user must either use a trusted mobile security application, such as ESET Mobile Security & Antivirus to remove the threat, or uninstall the application by going to Settings -> Application Manager -> Flash-Player.
In case the user has been deceived by granting the device management rights to the application, it is necessary to disable the administrator rights first, by going to Settings -> Security -> Flash-Player.
"Unfortunately, uninstall it downloader it does not remove the malicious applications it may have already installed. As is the case with downloader, the best way to clean the device is to use a mobile security solution » recommends Lukáš Štefanko.
ESET specialists have prepared a number of basic tips for preventing malware attacking mobile phones:
- Download applications or updates only from a trusted source - in the case of an Adobe Flash Player update, the only secure part is the official Adobe site. Always check the URL in your browser
- Pay attention to the access and rights that your applications require.
- Use a reliable Mobile Security solution.
Those interested can find more information about it dangerous downloader or for preventative technology from ESET. ESET specialists will be at this year's Mobile World Congress offering information on mobile security.
Dimitris hates Mondays...
