Monday, May 23, 2011
Bhima Permana Putra
Android fame deserves pointed thumb. The telecommunications companies are now flocking to bring over to Android with their product. But you must be alert, because there is a trojan reportedly now ready to target your Android!This is not the first time, returning to action, Trojan HongTouTou aka ADRD now repackaged and injected on Android popular applications and applications are distributed through the app store and a forum, especially in the community of users who speak Mandarin.
Reporting from Tim Strazzere of Lookout Mobile Security, malware is requesting additional permissions on the user's Android and immediately hidden executions are on the run without your knowledge. Including imitate you do a search or clicking on something.
"When you start opening applications that have been infected by Trojan HongTouTou, this application will send encrypted data containing the IMEI and IMSI data from your phone to the remote host. Furthermore, HongTouTou will receive a response to search and targeted to a specific URL, he would imitate the search keywords and send it as a question. "Said Strazzere.
"HongTouTou and then did a search using this keyword and display the results as if the top searches based on keyword and automatically will click on the link. For the search engine, the search seems to be done by the owner of the phone by using a web browser with User-Agent as UCWeb. "
Not only that, the Trojans are even able to execute the command to download the APK file (Android Package File).
"Although we have not seen this Trojan installs GER, but GER apparently was used to monitor the content of SMS and add relevant content contained in the message is spam."
Currently Trojan HongTouTou began spreading in China application market. Usually when you want to install third party applications, Android owners will receive notification to enable the installation of "an unknown source."
"Currently HongTouTou has infected 14 Android applications such as the one RoboDefense. This application has been repackaged and injected with a trojan, to get his original version that has not been infected would be better if you download directly on Google's Android Market. "
With a direct download from trusted sources, such as leading the app store, will reduce your risk of esophageal trojan. Or if you still want to try the application out of it, you should check back who publishernya, reviews from the users of that application, rating even features. If suspicious, could have been attacked by a trojan application.
source : http://www.beritateknologi.com/
Posted in: 
2 Comment:
wah serem juga yach nih virus.
can send encrypted data containing the IMEI and IMSI data from your phone to the remote host. wew..
Interesting thoughts.
Post a Comment