Featured Articles

Intel refreshes CPU roadmap

Intel refreshes CPU roadmap

Intel has revealed an update to its CPU roadmap and some things have changed in 2015 and beyond. Let’s start with the…

More...
Hands on: Nvidia Shield Tablet with Android 5.0

Hands on: Nvidia Shield Tablet with Android 5.0

We broke the news of Nvidia's ambitious gaming tablet plans back in May and now the Shield tablet got a bit…

More...
Nokia N1 Android tablet ships in Q1 2015

Nokia N1 Android tablet ships in Q1 2015

Nokia has announced its first Android tablet and when we say Nokia, we don’t mean Microsoft. The Nokia N1 was designed…

More...
Marvell launches octa-core 64-bit PXA1936

Marvell launches octa-core 64-bit PXA1936

Marvell is better known for its storage controllers, but the company doesn’t want to give up on the smartphone and…

More...
Nvidia GTX 970 SLI tested

Nvidia GTX 970 SLI tested

Nvidia recently released two new graphics cards based on its latest Maxwell GPU architecture, with exceptional performance-per-watt. The Geforce GTX 970…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Friday, 07 June 2013 09:10

Android malware proves nasty

Written by Nick Farrell

Obad news

Android has been hit by a nasty new malicious program dubbed Obad which exploits glitches in Google’s mobile operating system. Kaspersky Lab’s research blog, malware researcher Roman Unuchek called the newly discovered Trojan the “most sophisticated” malicious program yet detected that works with Android phones. He said that the Trojan had advanced features, including complex obfuscation techniques.

This made it difficult to look at the code. It also uses a previously unknown vulnerability in Android that allowed it to take control of and maintain a foothold on infected Android devices. Kaspersky has contacted Google regarding the malware and the alleged vulnerabilities in Android. The malware, dubbed Backdoor.AndroidOS.Obad.a, is described as a “multi function Trojan.” It is an SMS Trojan, whichsends short message service (SMS) messages to premium numbers. SMS Trojans are the most common form of mobile malware.

According to the report, the Obad authors discovered and exploited a previously unknown vulnerability in the Android OS relating to how Android processes a file called AndroidManifest.xml, a standard component of all applications that describes the application’s structure and operation to the operating system. According to Kaspersky, Obad ”modifies AndroidManifest.xml in such a way that it does not comply with Google standards, but is still correctly processed on a smartphone.”

A second vulnerability allowed Obad’s authors to obtain extended Device Administrator privileges on infected devices, without appearing on the list of applications which have such privileges. As a result, Unuchek said that it wasn’t possible to delete Obad from the infected Android device after it gained the extended privileges.

Obad malware collects a wealth of information from the device, which is passed back to Internet-based command and control (C&C) servers, Kaspsersky said.

blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments