News

How bad guys getting malware within your smartphone

close

Top tech stories of 2017

2017 saw announcements of new products, ransomware attacks, and Russia’s influence on the 2016 US Presidential election. Here is a look at this year’s top tech news.

Digital thieves have a script for the stealing of your confidential data. A software security company spells.

Avira, a company that antivirus and Internet security software, has published a concise but informative 5 step guide to mobile theft to explain the how and why of the malware inside your mobile device.

The five-step strategy is pretty simple, but effective, according to Avira.

CUNNING MALWARE SPREADS, GO AFTER YOUR BANK ACCOUNT

Effectively, because a number of malicious software slips through filters on reputable online stores and, two, people are always looking for free stuff, Alexander Vukcevic, head of the virus lab for Avira, told Fox News.

“Users can rely on the quality of the assurance provided by store operators, and many users try to access and deploy popular apps by means of alternative shops without paying anything,” He said. “This…has been used by many authors of malware to infect mobile phones.”

Step 1: The plan. The bad guys, identify vulnerabilities, and then develop exploits. If they do not have the skills, they hire a bounty hunter on the black market. Bounty hunters sometimes work with exploit brokers. The broker gets paid because organizations pay to find them and stop the hack.

SCARY RANSOMWARE ATTACKS FAMOUS NORTH CAROLINA COUNTY

Step 2: The gear. Infected websites and malicious apps are the gear used to install malware on the victims ‘ phones.

Step 3: The inside of the man. Once you have downloaded to your phone, the bad guy tries to gain root access on the phone. “If this does not succeed, they generate a fake update notification, clicking the notification gives them the opportunity to display ads and download apps. Bandits can even have the phone IMEI number to the increase of the number of ads it can show,” says Avira.

IMEI stands for International Mobile Equipment Identity is a unique number that is used to identify phones.

SHIPPING GIANT HIT BY A CYBER ATTACK, REFUSES TO PAY HACKERS’ RANSOM

Step 4: The robbery. They sit and wait until the money begins to flow.

Step 5: the getaway. The cyber criminals have gotten inside and left malicious code behind. But the malware is often difficult to loosen,” says Avira.

HummingBad — and its derivatives — is a good real-world example, according to Avira. The booby-trapped app is incredibly cunning, because it is often supported by fake reviews and four stars.

https://blog.avira.com/mobile-malware-guide/

MacOS HIGH SIERRA ‘ROOT’ BUG MAKES IT EASY to HACK

“These apps can look pretty good. People have found in the official Google Play store or, more generally, of the off-market sites,” Avira said. Off-market sites offer, for example Android apps that are not available in the Google Play store. The apps on these sites are often free.

But, if users access to a malicious app immediately tries to get root access on the phone, which makes it possible to do pretty much anything. “If that fails, try the user to click on a fake “System Update” notification,” according to Avira.

And it can be very profitable. “Every click, every installation on the infected device means more money for the bad guys to an estimated $300,000 monthly,” Avira said, referring to HummingBad.

The correction can be extreme. “To remove this malware, the most common solution is a wipeout for the device owner, as it usually requires a complete reset of the device, the eradication of all the apps, settings and files are saved,” says Avira.

Follow us

Don't be shy, get in touch. We love meeting interesting people and making new friends.

Most popular