Victor KachiBeware of DVmap Malware Affecting Android Devices
A new Malware called DVmap is currently roaming about looking for smartphones to infect. And according to Kaspersky Labs, this malware is affecting Android devices, and it is different from all the malware we know and trust Google to protect us from.
Kaspersky has been monitoring the distribution of a Trojan horse in the Play Store since April 2017. Dvmap has been able to hide from Google’s protection and verification mechanisms by regularly swapping clean code with malicious code and vice versa. Now, we know that the Bouncers, which was introduced in 2012 to keep malware from the Play Store, can be tricked easily.
This malware, classified by Kaspersky Labs as Trojan.AndroidOS.Dvmap.a is a particularly tricky form of malware, according to experts. It tries to gain root access in four different ways, even with 64-bit compatible code. Worse, it injects malicious code into system libraries libdmv.so and libandroid_runtime.so.
Subsequently, the Trojan horse triggers protection mechanisms to verify and install third-party apps. This is done by an administrator service called com.qualcmm.timeservices, which looks similar to a legitimate background service like com.qualcomm.timeservices. Note the difference between the two service names, as it is a common ruse employed by hackers and malware advertisers to trick users into trusting them.
Now, the malware could install third-party software on infected devices at a later date. The author could offer this ability to anyone interested, on the black market. Right now, a huge number of devices could be affected. But so far, only a maximum of 50,000 devices are reported to be affected.
Theoretically, Google can delete harmful apps remotely from your device. However, since the malware manipulates system libraries, it could prevent Google from being able to do so, or report the uninstallation immediately to the malware’s author.
The author could then install a different version of the malware to escape the protection mechanism again. Right now, only formatting the system partition and reinstalling the original firmware can save an affected smartphone. The only way to prevent this from happening is to have the latest security patches. However, not everyone gets the updates, as manufacturers fear that if they do so they will not buy new phones.
Beware guys!!!
Source
Kaspersky has been monitoring the distribution of a Trojan horse in the Play Store since April 2017. Dvmap has been able to hide from Google’s protection and verification mechanisms by regularly swapping clean code with malicious code and vice versa. Now, we know that the Bouncers, which was introduced in 2012 to keep malware from the Play Store, can be tricked easily.
This malware, classified by Kaspersky Labs as Trojan.AndroidOS.Dvmap.a is a particularly tricky form of malware, according to experts. It tries to gain root access in four different ways, even with 64-bit compatible code. Worse, it injects malicious code into system libraries libdmv.so and libandroid_runtime.so.
Subsequently, the Trojan horse triggers protection mechanisms to verify and install third-party apps. This is done by an administrator service called com.qualcmm.timeservices, which looks similar to a legitimate background service like com.qualcomm.timeservices. Note the difference between the two service names, as it is a common ruse employed by hackers and malware advertisers to trick users into trusting them.
Now, the malware could install third-party software on infected devices at a later date. The author could offer this ability to anyone interested, on the black market. Right now, a huge number of devices could be affected. But so far, only a maximum of 50,000 devices are reported to be affected.
Theoretically, Google can delete harmful apps remotely from your device. However, since the malware manipulates system libraries, it could prevent Google from being able to do so, or report the uninstallation immediately to the malware’s author.
The author could then install a different version of the malware to escape the protection mechanism again. Right now, only formatting the system partition and reinstalling the original firmware can save an affected smartphone. The only way to prevent this from happening is to have the latest security patches. However, not everyone gets the updates, as manufacturers fear that if they do so they will not buy new phones.
Beware guys!!!
Source
Tap to Comment
Join Our Telegram Channel
Warning ⚠
Entclass Blog and its contents are protected by COPYRIGHT LAW (DMCA) with high-priority response rate. Reproduction without permission or due credit link back will cause your article(s) to be removed from search engines and disappearance of Ads on that page if monetized with Adsense.
Copy the link below and Share with your Friends:
About Entclass Blog
Entclassblog.com Is A Top Tech Blog That Provides Free And Cheap Browsing Cheats On Mtn, 9mobile, Glo And Airtel, Tweaking Guides And Tech News.
Newer Posts
Newer Posts
Older Posts
Older Posts
Wow... I'm scared man..
ReplyDeleteStop visiting or clicking unknown url if you don't want to get involved.... Warning things
ReplyDeletethanks you thanks for your help
ReplyDeleteThanks for the update
ReplyDeleteThanks for this bro
ReplyDelete