• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • December 15th, 2019
  • Home
  • About Us
  • Team
  • Advertise
  • Submit News
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Google+
    • Linkedin
    • Youtube
Home » Technology News » Android » Android Malware Poses As Google App To Ditch Security Apps

Android Malware Poses As Google App To Ditch Security Apps

December 29th, 2015 Uzair Amir Android, Malware, Security 0 comments
Android Malware Poses As Google App To Ditch Security Apps
Share on FacebookShare on Twitter

Android Malware poses as Google app to infect Android Devices and to Block Security Apps.

Recently, security researchers at Symantec Corp identified a malware family that attacks Android devices located in China and blocks security apps along with transferring private data from the device to its command servers.

The malware has been named Android.Spywaller and it is being deemed as a unique threat because during the infection it searches for a popular Chinese security app Qihoo 360.

Android.Spywaller uses a firewall to block the internal communications of this app and registers on the Android device it has infected with the same UID that the Qihoo 360 app uses.

It then loads DroidWall, a binary, which is a modified version of the UNIX iptable package that is compatible with Android devices.

This package is a famous firewall utility used on Linux systems and DroidWall was developed by Rodrigo Rosauro, an independent security researcher.

Image Source: Symantec

Image Source: Symantec

He later sold DroidWall to AVAST in 2011 and since this app had spent a considerable amount of time as open source, therefore, malware authors could find it easily through repositories like Google Code or GitHub.

[fullsquaread][/fullsquaread]

Just like Android-Spywaller, DroidWall is also used for blocking security applications so that these aren’t able to communicate with their cloud-based threat analysis servers.

This act makes security applications useless and provides the malware safe and free access to the device.

According to Symantec researchers, the malware isn’t as common among Chinese users, therefore, the risk associated isn’t that great either.

This malware can easily pose as a Google App known as “Google Service” by exploiting the absence of an official Google Play Store in China.

It must be noted that there is no such official Google App with this name.

Android.Spywaller is distributed through unofficial Android app stores and fools users to gain admin permissions.

The malware works in the background of the phone to steal information present on the device and later transfers it to one of its C&C (command and control) servers.

As per the report from Symantec team of researchers, Android.Spywaller is by far the most comprehensive Android spyware families they have discovered.

The app can search and exfiltrate data including SMS, call logs, GPS readings, emails, contact list, images, radio and system’s browser data.

Moreover, it also gathers data from apps like Oovoo, BlackBerry Messenger, Coco, QQ, Talkbox, Skype. SinaWeibo, Zello, TencentWeibo, WhatsApp, Vixer and Wechat.

Researchers believe that this malware family is the most intrusive of all spyware families ever identified as it covers multiple data types and information sources simultaneously.

  • Tags
  • Android
  • APPS
  • China
  • Google
  • hackers
  • Malware
  • Privacy
  • security
  • Smartphones
Facebook Twitter Google+ LinkedIn Pinterest
Previous article Someone Hacked A Freeway Sign To Display Pro-Donald Trump Message
Next article Hacked Website of Connecticut University Caught Spreading Malware
Uzair Amir

Uzair Amir

I am an Electronic Engineer, an Android Game Developer and a Tech writer. I am into music, snooker and my life motto is 'Do my best, so that I can't blame myself for anything.'

Related Posts
How to identify malware on your phone with these 7 signs

How to identify malware on your phone with these 7 signs

"The Smartest Lock Ever” KeyWe is Vulnerable to Hacking

"The Smartest Lock Ever” KeyWe is Vulnerable to Hacking

Plundervolt: A new attack on Intel processors threatening SGX data

Plundervolt: A new attack on Intel processors threatening SGX data

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

LATEST POSTS
Popular forms of cybercrime you should be aware of
Cyber Crime

Popular forms of cybercrime you should be aware of

352
70% of the entire US population is now on Facebook
Technology News

70% of the entire US population is now on Facebook

312
Hundreds of counterfeit branded shoe stores hacked with web skimmer
Cyber Crime

Hundreds of counterfeit branded shoe stores hacked with web skimmer

299
NGINX office in Moscow raided by police
Cyber Events

NGINX office in Moscow raided by police

1352

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us