Skip to main content

Beware! This New Android Malware Infected 500,000 Android Users

According to the latest reports, recently a new malware has been discovered which has already infected 500,000 Android users, and the most interesting thing about this new malware is
that this malware found inside seemingly innocent QR code apps.

Beware! This New Android Malware Infected 500,000 Android Users

This is yet another case of “Machiavellian science” executed by criminals who use so-called social engineering to steal the most unsuspecting user.

At the same time, we have two different QR code issues that affect Android and iOS devices. In the case of Android is malware, while in iOS is a bug.

Yesterday was made known that iOS has one more bug and this time something that can lead the user to fall into a malicious scheme. As we saw yesterday in detail, iOS, with the arrival of the iOS 11 version, has brought the user a small and interesting increase in the camera app.

Also Read :  Facebook Just Added An Awesome New Feature To Its Messenger App

Since then it has become possible to (natively) read a QR code without the need to resort to third-party apps. However, German website Infosec has found that this feature can be used by cybercriminals to conduct attacks, since reading a QR code displays the information of a site, but the user can be redirected to another site (for example, a website with malware).

As we are currently referring to, not innocently, we have two different QR code issues that affect Android and iOS devices. If in the case of iOS is a bug of the operating system itself, already in the case of Android is even malware in some applications.

Who refers to it is the security company SophosLabs, which discovered some applications for Android with malware and were available in the Play Store. These applications hide malware with features to read QR codes and other actions that are deceptive to the user.

While this is not the first case of malware-infected apps within the Google Play Store, the Andr/HiddnAd-AJ malware hidden in these applications is designed to look like an Android programming library. In this way, they managed to deceive the Google filtering system.

In addition, these applications do not reveal their true intentions until six hours after installation. After that, they start flooding devices with ads.

The tech giant Google has already removed these applications with malware, at least those that were pointed out, but for an idea, while they were exposed in the Play Store, they were downloaded more than 500,000 times. The deception used by programmers to fool Google’s “Play Protect” system seems surprisingly simple.

Read Also :  Hackers Can Use Your Antivirus To Spread Malware

First, the apps were, at least superficially, what they actually claimed to be: six were QR code reading applications and one was the so-called “smart compass.” In other words, if you were just testing apps for fun, or for some other reason, you’d be inclined to judge them by its own descriptions.

Second, criminals did not immediately activate the adware part of their apps, hiding themselves innocently for a few hours before triggering a barrage of ads.
Third, the adware part of each app has been incorporated, at first glance, as a standard Android programming library that has been embedded in the software.

By adding an innocent-looking “graphics” subcomponent to a collection of programming routines you’d expect to find in a standard Android app, the adware engine within the application is effectively camouflaged.

For all its apparent innocence, however, this malware does not only display web advertising pages but can also send Android notifications, including clickable links, to entice you to generate advertising revenue for criminals.

So, what do you think about this? Simply share all your views and thoughts in the comment section below.

Comments

Popular posts from this blog

What is the difference between a direct and an indirect address instruction ?

Direct addressing means the instruction refers directly to the address being accessed. That is, the instruction encoding itself contains the address of the location. Depending on the instruction set, it may also allow computing a small index relative to the address. When used that way, you can think of that as a direct-indexed mode. (Note: Some processors call ‘direct’ mode ‘absolute’, such as the 6502.)

Indirect addressing uses an address held in a register or other location to determine what memory location to read or write. The idea here is that the instruction itself isn’t directly telling you the address to access, but rather indirectly telling the CPU where to find that address. The processor may also allow you to add a small offset to the indirect address, giving an indirect-indexed addressing mode.
Also Read : 5 Best Terminal Emulators for Linux The 6502 one is a little quirky: The 6502 doesn’t have general-purpose registers large enough to store addresses, so i…

What is ASP.NET? and it's ARCHITECTURE

What is ASP.Net?ASP.Net is a web development platform provided by Microsoft. It is used for creating web-based applications. ASP.Net was first released in the year 2002.
The first version of ASP.Net deployed was 1.0. The most recent version of ASP.Net is version 4.6. ASP.Net is designed to work with the HTTP protocol. This is the standard protocol used across all web applications.

ASP.Net applications can also be written in a variety of .Net languages. These include C#, VB.Net, and J#. In this chapter, you will see some basic fundamental of the .Net framework.

The full form of ASP is Active Server Pages, and .NET is Network Enabled Technologies.
ASP.NET Architecture and its Components ASP.Net is a framework which is used to develop a Web-based application. The basic architecture of the ASP.Net framework is as shown below.
 he architecture of the.Net framework is based on the following key components

Language – A variety of languages exists for .net framework. They are VB.n…

What Is Defensive Programming ?

Defensive programming is a form of defensive design intended to ensure the continuing function of a piece of software under unforeseen circumstances. Defensive programming practices are often used where high availability, safety or security is needed. – WikiPedia


Introduction Defensive programming is a form of defensive design intended to ensure the continuing function of a piece of software under under unforeseen circumstances. Defensive programming practices are often used where high availability, safety or security is needed.
Advantages Defensive programming is an approach to improve software and source code, in terms of:
General qualityMaking the source code comprehensibleMaking the software behave in a predictable mannerDrawback Overly defensive programming, however, may safeguard against errors that will never be encountered, thus incurring run-time and maintenance costs. There is also the risk that the code traps or prevents too many exceptions, potentially resulting i…