ID: IRCNE2014022117
Date: 2013-02-26
According to "techworld", Kaspersky Lab has spotted malware for the Android mobile operating system employing the TOR anonymity network.
TOR, short for The Onion Router, is software that offers users a greater degree of privacy when browsing the Internet by routing encrypted traffic between a user and a website through a network of worldwide servers. TOR can also be used to host websites on a hidden network.
The Android malware uses a TOR website as a command-and-control server, wrote Roman Unuchek of Kaspersky. Command-and-control servers are used to send instructions to the malware.
Adding TOR functions to desktop malware programs is nothing new. The latest finding shows hackers are increasingly targeting powerful mobile devices, which often hold valuable personal data. The malware can intercept SMSes, and collect other data, such as a user's phone number, the device's IMEI and the country where the device is located and request GPS coordinates.
Unuchek wrote that using a TOR site as a command-and-control server makes it "impossible to shut down."
The malware, which Kaspersky calls "Backdoor.AndroidOS.Torec.a" uses a package of software, called Orbot developed by The TOR Project that enables TOR on Android.
"We recommend keeping an eye out for any data usage increases from your mobile device, over-power consumption (running a constant TOR connection will no doubt drain your battery faster than otherwise) and any other kinds of odd behavior," Kujawa wrote.
- 5