It has more than 10 types of tools that have more than 610 different types of Hacking Application that used for real hacking.
“Obad.A’s functional scope, sophisticated obfuscation of the code and the quick exploitation of vulnerabilities are all considered characteristics of Windows malware.” He says this is a clear sign that the future will bring not only more threats for Android, but threats that are more sophisticated, elaborate and tricky for security professionals to fight.★ Blaeser says Obad.A is particularly devious, as it extremely difficult to remove once it has been installed, and it conducts its business on the sly, invisible to the user.
Once a device is infected, the cyber criminal is in full control.
The latter two aim at making analysis of the malware tricker.
One example he cites, is Backdoor Obad.A, a highly sophisticated malware that was first spotted in China this June.Īccording to the G Data report, the malware exploits three security vulnerabilities for its attacks - a previously unknown vulnerability in the Android operating system, an error in a tool called Dex2Jar and an error in Android's handling of the file AndroidManifest.xml. He said the report revealed that only a few samples have been detected so far, but that G Data is expecting significant developments in this area. However, although versatile and plentiful, their use is limited, and they are often removed by the phone’s owner as they are unnecessary for the app.” “A wide range of FakeInstallers is available, such as the common 9, which has been available for a while. The report also discussed FakeInstallers, which are chargeable installers for popular programs that send premium SMS messages when executed, costing the device owner a lot of money. The rapid growth of malware for mobiles can be attributed at least in part, to the availability of malware kits, which enable even inexperienced malware programmers to create functioning, manipulated apps using a type of modular system.” “On average, G Data SecurityLabs uncovered 2 868 new Android malware files daily.” He says G Data recently released a half year report on mobile malware, that revealed that the number of new malware samples rose dramatically in the first half of 2013 with 519 095 new malware files compared to 185 210 in the same half of the previous year.
From that moment, the device is part of a botnet and the attacker therefore has full control over it, and can read contacts, the call list, SMS and MMS messages, locate the device through GPS – pretty much anything the user can do.Īccording to Blaeser, the risk for Android mobile devices is on the rise globally, as clearly illustrated by rising detection numbers and the proliferation of newly detected malware files. One example of this is the recently uncovered ‘binder’ tool that adds a whole new dimension to the RAT threat.īlaeser says: “When used together with the AndroRAT APK binder, AndroRAT allows even a fairly inexperienced hacker to automate the process of infecting any legitimate Android application with AndroRAT, essentially ‘Trojanising’ a legitimate app.”Īndroid APK Binder essentially adds another access point to a legitimate app so that, when the device is booted, the "AndroRAT" component and not the legitimate app is opened in the background. However, the down side of this is that malware authors also enjoy its user-friendliness and have jumped on the bandwagon, and found ways to exploit AndroRAT for their own gains. “AndroRAT is user-friendly and easily adapted to user requirements,” he adds. An administrator could manage the installation of apps, manage contact lists and suchlike. Because of this, it could be used in the end-point management area or in connection with the BYOD concept. He said AndroRAT began as a university project, designed to enable the legitimate and legal management of Android mobile devices.
“The code for this tool has been publicly available for months at GitHub, a hosting service for software development projects, as well as at Google Code.” Lutz Blaeser, MD of Intact Security cites AndroRAT as a perfect example of this. There is also a trend towards cyber crooks manipulating fully functional apps. There is no doubt that malware writers are very adaptable, as evidenced by the rise of remote access tools (RAT) that run multiple operating systems.