Date:06/09/16
The oldest apps were uploaded to Google Play on April 2016, where they remained undetected until recently. Some of the apps reached between 100,000 and 500,000 downloads each. Between 500,000 and 2,000,000 users downloaded the malicious apps from Google Play.
Similar to Viking Horde, DressCode creates a botnet that uses proxied IP addresses, which Check Point researchers suspect were used to disguise ad clicks and generate false traffic, generating revenue for the attacker. A botnet is a group of devices controlled by hackers without the knowledge of their owners. The bots can be used for various reasons based on the distributed computing capabilities of all the devices. The larger the botnet, the greater its capabilities.
Once installed on the device, DressCode initiates communication with its command and control server. Currently, after the initial connection is established, the C&C server orders the malware to “sleep,” to keep it dormant until there’s a use for the infected device. When the attacker wants to activate the malware, he can turn the device into a socks proxy, rerouting traffic through it.
Both Viking Horde and DressCode malware create botnets which can be used for various purposes, and even to infiltrate internal networks. Since the malware allows the attacker to route communications through the victim’s device, the attacker can access any internal network to which the device belongs. This can compromise security for enterprises and organizations.
DressCode Android malware discovered on Google Play
The Check Point mobile threat prevention research team discovered a new Android malware on Google Play, called “DressCode,” which was embedded into more than 40 apps, and found in more than 400 additional apps on third party app stores. Check Point notified Google about the malicious apps, and some have already been removed from Google Play.The oldest apps were uploaded to Google Play on April 2016, where they remained undetected until recently. Some of the apps reached between 100,000 and 500,000 downloads each. Between 500,000 and 2,000,000 users downloaded the malicious apps from Google Play.
Similar to Viking Horde, DressCode creates a botnet that uses proxied IP addresses, which Check Point researchers suspect were used to disguise ad clicks and generate false traffic, generating revenue for the attacker. A botnet is a group of devices controlled by hackers without the knowledge of their owners. The bots can be used for various reasons based on the distributed computing capabilities of all the devices. The larger the botnet, the greater its capabilities.
Once installed on the device, DressCode initiates communication with its command and control server. Currently, after the initial connection is established, the C&C server orders the malware to “sleep,” to keep it dormant until there’s a use for the infected device. When the attacker wants to activate the malware, he can turn the device into a socks proxy, rerouting traffic through it.
Both Viking Horde and DressCode malware create botnets which can be used for various purposes, and even to infiltrate internal networks. Since the malware allows the attacker to route communications through the victim’s device, the attacker can access any internal network to which the device belongs. This can compromise security for enterprises and organizations.
Views: 392
©ictnews.az. All rights reserved.Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World