ID: IRCNE2013061868
Date: 2013-06-08
According to "computerworld", a newly discovered Trojan program exploits previously unknown flaws in Android and borrows techniques from Windows malware in order to evade detection and achieve persistence on infected devices.
Security researchers from antivirus firm Kaspersky Lab named the new malicious application Backdoor.AndroidOS.Obad.a and labeled it the most sophisticated Android Trojan program to date.
The malware is designed to send SMS messages to premium-rate numbers and allows attackers to execute rogue commands on infected devices by opening a remote shell. Attackers can use the malware to steal any kind of data stored on compromised devices or to download additional malicious applications that can be installed locally or distributed to other devices over Bluetooth.
The Obad.a malware exploits a previously unknown flaw in the Android OS in order to hide itself from the administrators list, leaving users unable to revoke the privilege and uninstall the app.
In addition, on rooted devices, the malware tries to gain root privileges by executing the "su id" command, said Denis Maslennikov, a senior malware analyst at Kaspersky Lab, Friday via email.
"Backdoor.AndroidOS.Obad.a looks closer to Windows malware than to other Android Trojans, in terms of its complexity and the number of unpublished vulnerabilities it exploits," Unuchek said.
The new Trojan program is distributed through SMS spam, but is not very widespread at the moment.
- 2