Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43445
  • Total Topics: 16537
  • Online today: 2848
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 1
Guests: 2826
Total: 2827









Author Topic: Mobile Malware Plays Hide and Seek  (Read 3777 times)

0 Members and 2 Guests are viewing this topic.

Pez

  • SCF VIP Member
  • *****
  • Posts: 776
  • KARMA: 117
  • Gender: Male
  • Pez
Mobile Malware Plays Hide and Seek
« on: 26. June 2013., 09:27:53 »
Mobile Malware Plays Hide and Seek

Android/Obad.A is mobile malware that has been described as very complex. Truly it is one of the most complex we’ve seen because it:

• Uses Bluetooth to infect other Android devices

• Accepts commands from the attacker

• Hides from the Device Administration list

This is a good collection of malicious activities for a modern piece of malware. Is it unique, though? No, other mobile malware has propagated via Bluetooth, as early as SymbOS/Cabir. Earlier mobile botnets on Symbian, Windows Mobile, and even Android have also accepted commands from attackers’ control servers. That last item, though, disappearing from a standard listing makes Android/Obad a bit more insidious.

Hidden apps: unwelcome guests?
If you can’t find it, you can’t remove it. Nearly every other piece of Android malware that doesn’t have root access can be found and discovered. Android/Obad uses a vulnerability that keeps it off the standard Device Administration list. The vulnerability isn’t yet closed, so it’s very likely we’ll see other malware authors start to exploit it.

Peek-a-boo, I see you
Fortunately, we have added hidden-app detection capabilities to the latest edition of our McAfee Mobile Innovations app (MMI). The MMI app hosts a bunch of our other new beta features as well. Protecting private data (Data Vault), letting your devices warn you before you lose them (Smart Perimeter), and a tool to avoid dangerous QR codes (Safe QR Reader).



"click the images to make them larger"

Select “Hidden Device Administrator Applications” from McAfee Mobile Innovations menu.

The Hidden Device Administrator Detector searches and finds all apps that have Device Admin access, even if they’re using the vulnerability to hide from the Android OS. Once you run it, it will give you a list of all hidden Device Admin apps and the option to deactivate or remove them.



A list of all detected Administrator Apps.

Malware attempting to hide via vulnerabilities face a short life. As soon as software publishers fix the bugs in their software or antimalware apps add detection and removal, their time is up.


Original article: Tuesday, June 25, 2013 at 10:39am by Jimmy Shah

Their is two easy way to configure a system!
Every thing open and every thing closed.
Every thing else is more or less complex.

Start Turfing ! http://scforum.info/index.php/topic,8405.msg21475.html#msg21475

Samker's Computer Forum - SCforum.info

Mobile Malware Plays Hide and Seek
« on: 26. June 2013., 09:27:53 »

devnullius

  • SCF VIP Member
  • *****
  • Posts: 3614
  • KARMA: 157
  • Gender: Female
    • SCForum.info
Re: Mobile Malware Plays Hide and Seek
« Reply #1 on: 26. June 2013., 17:26:35 »
Just the tools I was looking for :)

Samker: maybe move to Androïd board?  :angel:

devnullius
More information about bitcoin, altcoin & crypto in general? GO TO  j.gs/7385484/btc

Cuisvis hominis est errare, nullius nisi insipientis in errore persevare... So why not get the real SCForum employees to help YOUR troubled computer!!! SCF Remote PC Assist http://goo.gl/n1ONa9

Samker's Computer Forum - SCforum.info

Re: Mobile Malware Plays Hide and Seek
« Reply #1 on: 26. June 2013., 17:26:35 »

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023