0
Home > All News > NEWS
All Categories

News View More
  • HOT DEALS |
  • NEW |
  • PRE - ORDER |
  • COMING SOON
 
NEWS  

NEWS

 
 
Search News
From
To
 
Fake Android App Carries Trojan, Will be able to Launch DDoS Attacks from the Device which is infect
(01-01-2013)
 
Fake Android App Carries Trojan, Will be able to Launch DDoS Attacks from the Device which is infect
 

Fake Android App Carries Trojan, Will be able to Launch DDoS Attacks from the Device which is infected

Researchers have found a new Trojan app in the Google Play store that can launch Distributed Denial of Service (DDoS) attacks from the infected device.The malware can also receive commands from criminals, as well as send text messages from the infected device for spamming purposes.
Accordingly to the Russian Security Firm Doctor Web “ the threat is detected as "Android.DDoS.1.origin," and it is most likely to spread via social engineering tricks. According to the firm, the app disguises itself as a legitimate app from the Google kitty.
Once the app is installed on an Android device, it creates an icon that resembles the one for Google Play. This is designed in such a way to fool users that even on tapping the icon Google Play is launched.
Once the app is launched, however, the Trojan immediately tries to make a connection with its Command and Control (C&C) server. If the Trojan has managed to make a connection with the C&C server then it sends the user’s contact number to the criminials and awaits instructions thru text messages.
The malware basically has two main functions to attack the specified server and then send text messages.
When it receives a DDoS attack command, the malware starts sending data packets to the specified address. It is not possible for one corrupted mobile user to hurt the site by itself but if more Android devices are corrupted and if the site is targeted at the same time then it has the potential to take down the site.
Meanwhile, when the malware receives a command to send an SMS, it immediately spams the recipient. The infected device can incur unexpected charges for accessing the Internet and sending text messages, and it can also work at a significantly reduced performance.
According to the firm the criminals have gone through great lengths to hide the apps true intent in terms of its functionality. Considering that the app can be used for attacking Web sites, spamming products, or drawing revenues by sending large amounts of text messages to premium numbers, hiding the app's true function makes sense.
Till date there is no indication that the threat is spreading its tangles at a rapid pace or that it is widely spread but the very fact that an app on a widely used platform such as Android uses a DDos attack is a cause of great alarm and can pose serious risk. An advice to all Android Users to be very careful while downloading apps to their devices and to use only those apps which are legitimate and from trusted sources on Google Play.