Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43434
  • Total Topics: 16528
  • Online today: 3114
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 2
Guests: 3066
Total: 3068









Author Topic: Android App Contains Windows Worm  (Read 3478 times)

0 Members and 1 Guest are viewing this topic.

Pez

  • SCF VIP Member
  • *****
  • Posts: 776
  • KARMA: 117
  • Gender: Male
  • Pez
Android App Contains Windows Worm
« on: 02. September 2013., 09:36:16 »
Android App Contains Windows Worm

When developers are unaware of security they open the door to threats against their customers and users. We are not just talking about exploitable vulnerabilities in their code, but about something much more obvious than that.

Here is the curious case of an Android application on Google Play that contains some traces of malware, but poses no security danger for Android devices. This same application, however, is dangerous to other mobile and PC platforms.

Embedded inside this APK file, McAfee Labs found a Windows worm (Generic Malware.og!ats) that replicates itself via network shares. There is no auto-execution option for the malware on a Windows PC, but a user could run the malicious application by opening the APK (in Zip format) and running the program. This PC malware resides in each Android device that has installed the “KFC WOW@25 Menu” app.



When a legitimate Android application contains a malicious file such as this one (for a Windows PC), it is likely this has occurred due to neglect on the part of the developer. This neglect can be as simple as not securing the development environment.

The developer of this app possibly had outdated antimalware software on the computer, so without realizing that the computer was infected, the source code directory contained a copy of the worm. From there the worm was packaged, signed, and deployed on Google Play, with the developer completely unaware of the file.



Windows malware executable file is signed by the developer of the Android app.

Even though this may seem like a low risk and the application has been removed from Google Play, it still poses a risk to consumers.

Another interesting and similar case comes in the form of an infected HTML file containing malicious JavaScript code. This HTML exists within a preinstalled email application present on many Android tablet devices.



Email application in the tablet “Joy Tab Gem10312BK.”

We believe malware running on the developer’s PC is capable of infecting all HTML files with this JavaScript, including any ready to be packaged inside an Android app!

The lesson for developers is clear. It is vital to remember the essentials for a secure computer: maintain updated antimalware software, especially if you intend to distribute content to other users.

The cross-platform McAfee antimalware suite protects against these types of threats and alerts customers and developers to prevent infections. McAfee detects these Android applications on Windows platforms


Original article: Friday, August 2, 2013 at 1:34pm by Fernando Ruiz
Their is two easy way to configure a system!
Every thing open and every thing closed.
Every thing else is more or less complex.

Start Turfing ! http://scforum.info/index.php/topic,8405.msg21475.html#msg21475

Samker's Computer Forum - SCforum.info

Android App Contains Windows Worm
« on: 02. September 2013., 09:36:16 »

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Re: Android App Contains Windows Worm
« Reply #1 on: 08. September 2013., 09:00:03 »
...

Here is the curious case of an Android application on Google Play that contains some traces of malware, but poses no security danger for Android devices. This same application, however, is dangerous to other mobile and PC platforms.

Embedded inside this APK file, McAfee Labs found a Windows worm (Generic Malware.og!ats) that replicates itself via network shares. There is no auto-execution option for the malware on a Windows PC, but a user could run the malicious application by opening the APK (in Zip format) and running the program. This PC malware resides in each Android device that has installed the “KFC WOW@25 Menu” app.

...

Perfection in the evil...  :(

Thanks P.  :thumbsup:

Samker's Computer Forum - SCforum.info

Re: Android App Contains Windows Worm
« Reply #1 on: 08. September 2013., 09:00:03 »

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023