5 million Android devices infected by new malware. Is your smartphone safe?

in #hack, 7 years ago

Check Point Mobile Security discovered new malware that has infected nearly 5 million Android devices.
They named the malware 'RottenSys' because it was initially disguised as a System Wi-Fi service.

  • RottenSys, a mobile adware, has infected nearly 5 million devices since 2016.
  • Indications show the malware could have entered earlier in the supply chain.
  • The attackers have been testing a new botnet campaign via the same C&C server.

How does RottenSys work?

The malware earns fraudulent advertising revenue from the infected devices. The researchers say, though, that this may change over time.
It can download and install new software from its command and control (C&C) server.
It has also recently started to turn millions of infected devices into a massive botnet.

The criminals behind the malware earn over $11.000 US dollars each day by displaying ads on Android users' devices.

Evasion techniques.


The malware is designed to hide its presence by not performing any suspicious activity during the first days after installation. It downloads its malicious components only at a later stage, not at the original installation time.

RottenSys downloads these components silently, using the DOWNLOAD_WITHOUT_NOTIFICATION permission which does not require any user interaction.
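A defender can audit a device for apps that request this permission. The following is an added example, not code from Check Point or from this post: it parses text in the layout of `adb shell dumpsys package` and lists every package that requests DOWNLOAD_WITHOUT_NOTIFICATION, along with whether it was granted. The sample input, the package names and the `allowlist` parameter are constructed for illustration.

```python
import re
TARGET = "android.permission.DOWNLOAD_WITHOUT_NOTIFICATION"

# Constructed, simplified `adb shell dumpsys package` text; package names are made up.
SAMPLE = """\
  Package [com.example.wifiservice] (1a2b3c):
    requested permissions:
      android.permission.INTERNET
      android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
    install permissions:
      android.permission.INTERNET: granted=true
      android.permission.DOWNLOAD_WITHOUT_NOTIFICATION: granted=true
  Package [com.example.notes] (4d5e6f):
    requested permissions:
      android.permission.INTERNET
    install permissions:
      android.permission.INTERNET: granted=true
  Package [com.example.gallery] (7a8b9c):
    requested permissions:
      android.permission.DOWNLOAD_WITHOUT_NOTIFICATION
    install permissions:
"""

PKG_RE = re.compile(r"^\s*Package \[([^\]]+)\]")
SECTION_RE = re.compile(r"^\s*([a-z]+) permissions:\s*$")
PERM_RE = re.compile(r"^\s*(\w+(?:\.\w+)+)(?::\s*granted=(true|false)\b.*)?$")

def parse_packages(text):
    """Map package name -> {'requested': set, 'granted': set} of permissions."""
    packages, current, section = {}, None, None
    for line in text.splitlines():
        if m := PKG_RE.match(line):
            current = packages.setdefault(m.group(1), {"requested": set(), "granted": set()})
            section = None
        elif m := SECTION_RE.match(line):
            section = m.group(1)  # "requested", "install" or "runtime"
        elif current is not None and section and (m := PERM_RE.match(line)):
            if section == "requested":
                current["requested"].add(m.group(1))
            elif m.group(2) == "true":
                current["granted"].add(m.group(1))
        else:
            section = None  # any other line ends the current permission list
    return packages

def flag_silent_downloaders(text, allowlist=()):
    """Return sorted (package, granted) pairs for apps requesting TARGET."""
    return [(name, TARGET in p["granted"])
            for name, p in sorted(parse_packages(text).items())
            if TARGET in p["requested"] and name not in allowlist]
```

Packages that hold the permission for a known reason can be passed in `allowlist`; anything left, especially an app that presents itself as a system service, is a candidate for closer inspection.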

