Zero-Day Vulnerability gives Hackers full access to PCs
infosec

Zero-Day Vulnerability gives Hackers full access to PCs

A new zero-day vulnerability, which acts as a backdoor, giving access to hackers so they can take control of a ...
Read More
infosec

EU: There is no evidence of Kaspersky's risk

In June of 2018, there was an issue with Kaspersky Lab's products. The European Parliament had approved ...
Read More
infosec

Wipro: Carry out research after discovering a violation of data

The technology company Wipro said it is conducting an internal investigation after discovering that for some months some hackers ...
Read More
infosec

The cost of rescuing files from ransomware doubled 2019

The ransomware attacks are very widespread this time. Surveys show that hackers have greatly increased their ...
Read More
infosec

Violation of 5.600 customer data from Blue Cross, Idaho

Another online attack is coming to the fore and this time is the victim of Blue Cross's insurance company ...
Read More
Latest Posts

New malware for Android is used for targeted attacks

pincer2Doctor Web security company has discovered a new malware for Android. The new malware can intercept your incoming messages and forward them to criminals. Once installed, the Trojan can be used to steal messages for blackmail purposes or messages that may contain passwords used to enter bank accounts.

This malware is detected as "Android.Pincer.2.origin" by the Russian company Doctor Web and as reported by <...>

is a variation of the Android.Pincer family.

If a device is infected by Android.Pincer.2.origin, the user will see a false alert for the successful installation of a certificate, and after that, nothing else as the trojan will not perform any remarkable activity for a while.
Malicious software is booted when booted through CheckCommandServices, a silent service in the background. It will then connect to a remote server and start sending information about the mobile device that is installed. It gives full reference to those behind the attack: device model, device serial number, IMEI, carrier, phone number, system default language, operating system, and if account access is available root.
The malware then receives instructions from commands in the following format:
  • start_sms_forwarding [telephone number] - begin intercepting communications from a specified number
  • stop_sms_forwarding - stop intercepting messages
  • send_sms [phone number and text] - send a short message using the specified parameters
  • simple_execute_ussd - send and USSD message
  • stop_program-stop working
  • show_message-display and message on the screen of the mobile device
  • set_urls - change the address of the control server
  • ping - send an SMS containing the text 'pong' to a previously specified number
  • set_sms_number-change the number to which messages containing the text string 'pong' are sent.
The first command allows attackers to get the number from which the trojan should intercept the messages, which means it can be used for targeted attacks and to steal specific messages. The third one from the end shows that criminals have taken care to plan server change if they think that they are going to shut down.
Doctor Web reports that the new malware is not yet widely used. Not yet discovered on Google Play, where most Android device owners will download their apps, and seems to be targeted for specific attacks.
In short, this malware is not what's likely to hit you, but it's very interesting to see how the malware evolves are evolving, thenextweb.com reports. Our advice is the same as ever: you only use applications that you know are safe.
Source: iguru.gr
Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *