DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
July 7, 2020 
Main Menu
News archives

Who's Online
There are currently 81 people online.


Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset

Follow us

Godless malware roots Android devices

Posted on Thursday, June 23 2016 @ 14:32:58 CEST by

Android logo
Trend Micro security researchers discovered "Godless", a new family of mobile malware that is capable of infecting Android devices running on Android 5.1 or earlier. About 90 percent of all Android devices worldwide run on affected versions, the malware uses various exploits to root the device and plants a system app that is hard to delete.

Newer versions of the Godless strain are made to only fetch the exploit and the payload from a remote command and control server after the installation of the app Trend Micro believes this is done so the malware can more easily bypass security checks performed by app stores, like Google Play.

The security researchers claim they found several apps in the Play Store that contain the malicious code and they also found a large number of clean apps on Google Play that have corresponding malicious versions in the wild that share the same developer certificate. Presumably, there's a risk that the clean apps from the Play Store will be upgraded to the malicious ones via an update outside of Google Play:
We found various apps in Google Play that contain this malicious code. The malicious apps we’ve seen that have this new remote routine range from utility apps like flashlights and Wi-Fi apps, to copies of popular games. For example, a malicious flashlight app in Google Play called “Summer Flashlight” contained the malicious Godless code.

We have also seen a large amount of clean apps on Google Play that has corresponding malicious versions—they share the same developer certificate—in the wild. The versions on Google Play do not have the malicious code. Thus, there is a potential risk that users with non-malicious apps will be upgraded to the malicious versions without them knowing about apps’ new malicious behavior. Note that updating apps outside of Google Play is a violation of the store’s terms and conditions.
Full details at TrendMicro.



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2019 DM Media Group bvba