Android tem sido alvo de ataques. Houve vários casos de malware e ransomware Android, e até mesmo mineiros criptomoeda posando como aplicativos. Android tem sido sempre lucrativa para os atores maliciosos, and the quickly evolving threat landscape for the mobile operating system is a constant proof.
Com aquilo em mente, it comes to no surprise that Trend Micro researchers came across a type of malware posing as apps deployed for cyber espionage purposes. Para agora, only users in the Middle Eastern countries have been targeted, but the attack vector could quickly change depending on the group operating the malware. The apps were published on Google Play and third-party app stores. Por causa do nome da carga útil do de malwares, cão de guarda, os pesquisadores chamado os aplicativos AnubisSpy.
It’s believed that the AnubisSpy malicious operation is tied to the Sphinx cyber espionage campaign also known as APT-C-15. File structures, command and control servers and targets in the two campaigns are strikingly similar, meaning that the same group is likely behind both of them.
AnubisSpy Android Malware Capabilities
De acordo com pesquisa, the malware can steal SMS messages, fotos, vídeos, Contatos, contas de e-mail, calendar events, and browser histories. It can also take screenshots and record audio, calls inclusive. Não apenas isso, but it can also spy on the victim via apps installed on the device. This list is in the configuration file and can be updated, and apps like Skype, Whatsapp, Facebook and Twitter are included.
Once all the data is collected by the AnubisSpy malware, it is encrypted and sent to the command and control server. What is worse is that the malware is capable of self-destruct meaning that it can cover all of its tracks. AnubisSpy can run commands and delete files on the device, as well as install and uninstall Android Application Packages (APKs), os pesquisadores descobriram.
AnubisSpy and Android: What Are the Consequences for the Mobile Landscape?
“Persistent and furtive spyware is an underrated problem for the mobile platform,” Trend Micro researchers point out.
While cyberespionage campaigns on mobile devices may be few and far between compared to ones for desktops or PCs, AnubisSpy proves that they do indeed occur, and may have been more active than initially thought.
No início deste ano, researchers at G Data discovered that 750,000 new Android malware apps had been discovered only in the first quarter of 2017. Isso significa que aproximadamente 8,400 novas instâncias de malware foram reveladas todos os dias.
Como os usuários do Android podem proteger seus dispositivos?
All this malwares Android simply means that thorough protection is crucial to Android security.
Em outras palavras, a effective security solution is becoming increasingly important for smartphones and tablets. This software should implement a virus scanner that checks the mobile device for the various types of evolving malware targeting Android. It should also include surfing and phishing protection to secure users against dangerous emails and websites.
Os dispositivos Android devem ser protegidos e tratados com a mesma cautela que os computadores Windows. Manter o sistema operacional e os aplicativos instalados atualizados é crucial. Executar a versão mais recente do Android é essencial para a segurança. Além dessa necessidade, novos dispositivos aparecem o tempo todo, alguns deles de baixo orçamento, portanto, preferidos pelos consumidores. What is troublesome with Android that, unlike Windows, it’s not exactly clear with all the third-party providers how long a device will be updated with the needed security patches.