
Beware the Masquerading app - Android


Hav0c


So I got this mail today from ESET

 

 

ESET recently uncovered the Remote Access Trojan (RAT) that was masked as several legitimate Android applications. This is concerning to users, as applications have become a part of our mobile experience, and this, of course, has not gone by unnoticed with cyber criminals. Often on Android devices, the malware will disguise itself as a legitimate, and often popular, application. To many eyes, the application looks like the real deal, as all the functionality of the real applications is available to the user. But, it is the addition, the added extra, that is malicious and the very essence of a Trojan Horse.

The Android app ecosystem offers a reliable countermeasure against such unwarranted and malicious modifications, and that is by digitally signing applications with the actual developers' certificates.

 

However, how many users examine the applications they install on their devices?

 

The infected applications contained the Android version of the Unrecom RAT, a multi-platform remote access tool.  

- Taking photos;
- Recording audio through the microphone;
- Current GPS location;
- List of installed applications;
- List of opened webpages;
- List of placed calls;
- Contact List;
- SMS (regular or WhatsApp)

 

This RAT sounds like an interesting little rat :huh: .

Every line of code written by man can be undone by man

.

"A loser in the real world is still a loser in the net!" - .hack//SIGN

.
Getting old is inevitable,  growing up is optional !!
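The signing check the ESET mail describes, as an added example that is not part of the original post or of ESET's mail: it compares the signer certificate digest reported by `apksigner verify --print-certs` with a digest pinned from a copy known to be genuine. The package name, digests and tool output are constructed, and the output is assumed to carry apksigner's `Signer #N certificate SHA-256 digest:` lines.

```python
import re

# Constructed values: "a1..." stands for the real developer's certificate
# digest, "b2..." for the certificate used to re-sign a modified copy.
DEV_DIGEST = "a1" * 32
OTHER_DIGEST = "b2" * 32

# Pinned signer digests per package, recorded from a known-genuine install.
PINNED = {"com.example.bank": {DEV_DIGEST}}

DIGEST_RE = re.compile(
    r"^Signer #\d+ certificate SHA-256 digest:\s*([0-9a-fA-F]{64})\s*$",
    re.MULTILINE,
)

def signer_digests(print_certs_output):
    """Return the set of signer certificate SHA-256 digests in the output."""
    return {d.lower() for d in DIGEST_RE.findall(print_certs_output)}

def check_signer(package, print_certs_output, pinned=PINNED):
    """Classify an APK as 'genuine', 'repackaged', 'unsigned' or 'unknown'."""
    expected = pinned.get(package)
    if expected is None:
        return "unknown"      # no baseline recorded for this package
    found = signer_digests(print_certs_output)
    if not found:
        return "unsigned"     # no signer reported: treat as untrusted
    # Every signer must be pinned; one unpinned signer fails the check.
    return "genuine" if found <= expected else "repackaged"

# Constructed tool output for the real app and for a look-alike that keeps
# the same package name and label but was signed with a different key.
GENUINE_OUTPUT = (
    "Signer #1 certificate DN: CN=Example Bank\n"
    f"Signer #1 certificate SHA-256 digest: {DEV_DIGEST}\n"
)
LOOKALIKE_OUTPUT = (
    "Signer #1 certificate DN: CN=Example Bank\n"
    f"Signer #1 certificate SHA-256 digest: {OTHER_DIGEST}\n"
)

if __name__ == "__main__":
    for name, out in (("genuine", GENUINE_OUTPUT), ("look-alike", LOOKALIKE_OUTPUT)):
        print(name, "->", check_signer("com.example.bank", out))
```

The certificate DN is identical in both samples because anyone can put any name in a self-signed certificate; only the digest of the key-bearing certificate distinguishes the two.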


Don't people have better things to do aside from trying to attack people's phones? Sheesh.

I'm here. What are your other two wishes?

  • Moderators

Phones contain usable information in nefarious situations (banking, Facebook, passwords in plain text notepad files, always-connected devices to use as botnets, autocall and/or text to premium services which are fiscally attached to the criminal). It's time to stop thinking of hacking as a thing bored nerds are doing and realize that these attacks generate difficult-to-trace money (in the millions worldwide I'm sure) for criminals.

These aren't Matthew Broderick in WarGames. They aren't my neighbors dialing into army computers to see if they can. You and your phone represent viable victims.

 

ADVICE FOR USING CCleaner'S REGISTRY INTEGRITY SECTION

DON'T JUST CLEAN EVERYTHING THAT'S CHECKED OFF.

Do your Registry Cleaning in small bits (at the very least Check-mark by Check-mark)

ALWAYS BACKUP THE ENTRY, YOU NEVER KNOW WHAT YOU'LL BREAK IF YOU DON'T.

CCLEANER, RECUVA, DEFRAGGLER AND SPECCY DOCUMENTATION CAN BE FOUND AT  https://support.piriform.com/hc/en-us and  https://www.ccleaner.com/docs

Pro users file a PRIORITY SUPPORT request at https://support.piriform.com/hc/en-us/requests/new

link to WINAPP2.INI explanation


Hey Hav0c, I can solve that problem for you. Just give me a minute to go out to the garage and find my 16 lb. sledge.  :lol: 

 

Just kidding.  :P  That's why I have a TracFone. It costs me an average of about $8 a month because I rarely use it. About the only feature it has is text messaging (how 90's!), and I never even activated that. Someone can hack it until they turn purple and pass out, and all they'll end up with is my phonebook.

 

And Nergal is absolutely right. They're not doing this as a prank or as a joke. It's strictly business, and business is good.

Start every day with a smile and get it over with. - W.C. Fields



A phone today in some instances contains more usable information than PCs in my opinion. Maybe you should just check on your neighbors, you will never know if they are trying to dial "home" ;) .

 

WarGames is a good movie.

 

 


Hmmmmm 16lb you say, do you think it will do the job vs just using a Nokia 3310 ?? :lol:

 

The question that one has to ask oneself if you play with this sort of thing is to distinguish between when is it a prank or a joke and when does it become a business for you. But yes business is good.

The only thing that can destroy a Nokia 3310 is another 3310. This process is repeated, until only one remains. The last 3310 will survive the inevitable heat death of this universe, and become the foundation of the next!

 

Book of Nokia 13:37


"And so it was that the unknown prophet Winapp2.ini foretold of the great Android Apocalypse." 


Hear thee, Hear thee

 

It was foretold :D

 

*Notes date and time for historic purposes*
