This wonderful Geek-Christmas time of the year is back once more, promising a lot of exciting reveals from big manufacturers such as HTC and Samsung, but also some pretty gems teased by other smaller OEMs. What kind of exciting products will we see? While we've got a lot of leaked information from the highly expected S6 and M9, there is still a lot to learn about both - and about everything else that will be shown. What kind of trends will...
New Windows Malware Infects Android Devices; Protect Yourself with Two Easy Steps
Cross-platform malware is nothing new. And to be more specific, cross-platform malware involving the Android OS isn’t new either. This should come as no surprise, as the pint-sized mobile OS packs nearly as much functionality and freedom as its full-sized brethren.
Some time ago, we saw the Android.Claco trojan. This particular piece of malware used a compromised mobile device to transfect your Windows-powered PC by functioning as a malicious USB drive. Upon connection via USB Mass Storage, Windows AutoRun would then automatically execute the malicious payload.
Up until recently, however, the only cross platform malware involving Android that we’ve seen in the wild has involved infected Android devices targeting desktop computers. Now, Symantec has spotted a new trojan targeting Android devices from infected Windows computers.
The new malware is known as Trojan.Droidpak, and it essentially works by using ADB to install a malicious APK (variant of the previous Android.Fakebank.B trojan) that poses as the Google Play Store (“Google App Store” in the screenshot). Then once run, the malicious APK searches for specific Korean online banking apps. If these apps are found, the malware prompts the user to delete the originals and install malicious versions. It also intercepts and reroutes SMS messages on compromised devices to a predetermined location, presumably to intercept fraud protection messages from said banking institutions.
While this specific piece of malware poses very little concrete threat to those outside of Korea who do not rely on the select banking institutions targeted by the trojan, it is entirely possible that similar attacks exist in other regions, targeting other demographics. This highlights the importance of always being cautious and disabling unnecessary services. Furthermore, users should always exercise caution when connecting their mobile devices to unknown computers.
You can learn more about the specifics by visiting the Symantec Malware Bulletin. But first, make sure you protect yourself by disabling unnecessary services such as USB Debugging and only connecting to trusted computers. Furthermore, do yourself a favor and enable verify apps.
Has Android malware been an issue for you in the past? We’ve seen some evidence suggesting that it largely isn’t an issue for most users due to Android’s multiple layers of defense. However, this new type of attack could potentially bypass these measures on devices with USB debugging enabled and verify apps disabled. Let us know your thoughts on Android malware in the comments below!
[Many thanks to XDA Forum Member dr.eXntriK for the tip!]
Want something on the XDA Portal? Send us a tip!
Last week, I wrote about the best apps to unleash the raw photographic power of your Lollipop smartphone. All four of those cameras generate lossless DNG images with pounds of potential for apps like Photoshop to unlock, but what if you’re looking to edit or view those pics on the go? QuickPic, Google Photos, and the other mainstays treat raw images like they don't exist. This rundown seeks to fill the void and give you full control over your precious pictures....
While the majority of the top apps have already incorporated Google's newest design language, there are still very many apps that are in need of some Material Design love. Which apps do you think are most desperately in need of an update?