Νέος κίνδυνος για τους χρήστες του Android που σύμφωνα με τους ερευνητές της Avast μια νέα παραλλαγή του κακόβουλου λογισμικού Fobus κυκλοφορεί μεταμφιεσμένο στην γνωστή επέκταση προγραμμάτων περιήγησης Adblock Plus. This extension blocks ads in your browser.
Many app developers Android offer their applications for free by incorporating ads in order to cover their costs and make some profit. These can of course be annoying, especially in games, which is why users are looking for an ad blocking tool.
Avast researchers who analyzed the new variant of Fobus report that in addition to the permissions it requests and the uses to connect the spyware it includes, the malware is also extremely difficult to remove from the device.
With the administrator Android device rights it has acquired, it deletes its icon directly from the screen and continues to work seamlessly in the background.
The first sign of the problem becomes visible right from the start when the list of permissions that your Android device requests is displayed. Requests include the consent to make phone calls and send messages to premium services. Of course, an ad blocking tool has no use with it.
Once it is fully installed on the Android smartphone, it will be very difficult to get rid of it, because the authors have integrated a strong defense against all kinds of energy by the user.
Avast researchers report that when they tried to get their administrator rights to remove it, malware displayed a lock on the device screen.
“Fobus has a receiver that checks for calls from device_admin_disable_request. The moment the user tries to disable the device manager, this receiver catches the request and causes the device to lock the screen with a call προς τη λειτουργία κλειδώματος. Αυτή η λειτουργία δεν επιτρέπει στο χρήστη να επιβεβαιώσει την απενεργοποίηση,” he says Jan Alert's Avant.
Any attempt to unlock the screen is followed by a new screen lock from the malware if the confirmation window appears only for a very short period of time, which is not enough to prevent it with your finger.
Ωστόσο, αν είστε “ο γιος ή η κόρη του ανέμου” και το προλάβετε, εμφανίζετε ένα μήνυμα εκφοβισμού που σας ενημερώνει για το ότι αν συνεχίσετε τη διαδικασία, όλα τα δεδομένα της συσκευή σας θα διαγραφούν μέσω μιας πλήρους resets to the factory settings.
The threat, according to Sirmer, is not just a threat, as Fobus will only be removed when you manage to get the administrator privileges you have given him.
