These days, systems aren't usually configured that way, and the largest category of personal computers out there—smartphones—usually don't even have any way for users to gain administrative privileges at all. That's why it's so concerning when new phone malware is found that can gain root for itself. Such a capability means that the offending application can grant itself privileges, install additional software, and generally take full control over the device, all without any user approval or action.
Cybersecurity company Lookout's threat lab just discovered exactly such a piece of malware. Lookout calls it "AbstractEmu" after its use of code abstraction and anti-emulation measures, which make it difficult to study. AbstractEmu gets on a device by pretending to be a legitimate piece of software. Lookout found nineteen apps that were front-ends for the malware, including one app—"Lite Launcher"—with over 10,000 downloads on the Google Play Store. The other apps were distributed using third-party stores, like the Amazon Appstore and the Samsung store.
Lookout wasn't able to determine who is responsible for creating AbstractEmu, but says that the creator is probably "a well-resourced group" that is motivated financially i.e. by the desire to steal money. Lookout draws comparisons between AbstractEmu and banking trojans that attempt to steal financial information from their victims, noting that it claims many of the same type of permissions. Lookout also notes that the malware seems engineered to target as many users as possible indiscriminately, further indicating that the goal was financial and not government or corporate secrets.
If you're concerned about whether you've been hit by AbstractEmu, you can hit up the Lookout blog to see the full list of known exploit packages.
https://ift.tt/3EwyKks
Technology
Bagikan Berita Ini
0 Response to "Android Devices Are Being Silently Attacked By Dangerous AbstractEmu Malware - Hot Hardware"
Post a Comment