Ερευνητές της εταιρείας ασφαλείας ESET ανακάλυψαν μια νέα και επικίνδυνη εφαρμογή (Trojan) που στοχοποιεί συσκευές Android προχωρώντας σε λήψη και εγκατάσταση κακόβουλου λογισμικού. Το trojan, που εντοπίστηκε από το security software by ESET as Android / TrojanDownloader.Agent.JI, spreads via compromised websites and appears as a Flash Player update.
This is one of the threats to Android that will be presented by ESET in Mobile World Congress.
Once installed, malicious software creates a false service on Android to save battery power by prompting the victim to give her access to the Android Accessibility features. If the user authorizes the "Monitor your actions», who are "Retrieve window content» and "Turn on Explore by touch» the attacker can imitate the actions of the user by displaying what he wants on the screen.
« In cases we investigated, this trojan was created to download another trojan which was designed to earmark money from bank accounts. However, only a small change to the code would mean the infection with the user spyware ή ransomware» warns ESA's Malware Researcher Lukáš Štefanko, head of analysis.
The main indicator that a device is infected with malware is the presence of the “Saving Battery» among services in the Accessibility menu. In such a case, the user should either use a reliable mobile security app like ESET Mobile Security & Antivirus to remove the threat, or uninstall the app by going to Settings -> Application Manager -> Flash-Player.
In case the user has been deceived by granting the device management rights to the application, it is necessary to disable the administrator rights first, by going to Settings -> Security -> Flash-Player.
"Unfortunately, uninstall it downloader it does not remove the malicious applications it may have already installed. As is the case with downloader, the best way to clean the device is to use a mobile security solution » recommends Lukáš Štefanko.
ESET specialists have prepared a number of basic tips for preventing malware attacking mobile phones:
- Download applications or updates only from a trusted source - in the case of an Adobe Flash Player update, the only secure part is the official Adobe site. Always check the URL in your browser
- Pay attention to the access and rights that your applications require.
- Use a reliable Mobile Security solution.
Those interested can find more information about it dangerous downloader or for preventative technology from ESET. ESET specialists will be at this year's Mobile World Congress offering information on mobile security.
