HackRead

SDK Security Flaw Puts 100 Million Android Users Vulnerable to Backdoor Attack

November 6th, 2015, by Agan Uzunovic (Malware, Security)

A software development kit (SDK) provided by Baidu, a Chinese search engine, can easily be exploited to install backdoors on Android devices.

About 100 million users are at risk from this vulnerability: according to Trend Micro’s report, the SDK has been used to build 14,112 Android applications so far. Of these 14,112 applications, 4,014 were made by Baidu itself.

The SDK is known as Moplus, and on opening it launches an HTTP server. The server runs in the background, and users hardly have any idea it is there.

The server can be controlled by hackers, who can send it commands to execute through a particular port. So far, researchers have found the SDK using two ports: 6529 and 40310.

You may be wondering how hackers are able to control the server so easily. The SDK launches the HTTP server on startup, so an attacker only needs to scan mobile networks for the ports in question and then send commands to those ports for execution.
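On a device you administer, a listener of this kind can be checked for locally. The Python below is an added example, not code from Trend Micro, Baidu or this article; it assumes the text of `/proc/net/tcp` has been captured from the device, and the sample rows and function names are constructed for illustration.

```python
import socket
import struct

# Ports the article reports the Moplus SDK's HTTP server using.
MOPLUS_PORTS = {6529, 40310}
TCP_LISTEN = "0A"  # socket state code for LISTEN in /proc/net/tcp

# Constructed sample in /proc/net/tcp format (not captured from a real device).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:9D76 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10087        0 21544
   1: 0100007F:1981 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10112        0 21790
   2: 0100007F:13AD 00000000:0000 0A 00000000:00000000 00:00000000 00000000  2000        0 9321
   3: 0F02000A:9D76 5DB8D822:01BB 01 00000000:00000000 00:00000000 00000000 10087        0 30211
"""


def decode_ipv4(hex_addr):
    """/proc/net/tcp stores IPv4 addresses as little-endian hex."""
    return socket.inet_ntoa(struct.pack("<I", int(hex_addr, 16)))


def find_moplus_listeners(proc_net_tcp_text):
    """Return listening sockets bound to the ports named in the article."""
    findings = []
    for line in proc_net_tcp_text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 8:
            continue
        hex_addr, hex_port = fields[1].split(":")
        port = int(hex_port, 16)
        if fields[3] != TCP_LISTEN or port not in MOPLUS_PORTS:
            continue
        addr = decode_ipv4(hex_addr)
        findings.append({
            "address": addr,
            "port": port,
            "uid": int(fields[7]),  # owning UID; Android app UIDs start at 10000
            # Loopback-only listeners are not reachable from the network.
            "network_reachable": not addr.startswith("127."),
        })
    return findings


if __name__ == "__main__":
    for finding in find_moplus_listeners(SAMPLE_PROC_NET_TCP):
        print(finding)
```

A match on these ports is only a lead: the UID identifies which installed app owns the socket, and that app still has to be inspected to confirm it embeds the SDK.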


Here is a list of tasks hackers can instruct the server to execute through these ports:

* Get phone details

* Send SMS messages from the phone

* Make phone calls

* Add new contacts

* Download files on the device

* Upload files from the device

* Get a list of local apps

* Install apps

* Push Web pages

* Trace phone’s geolocation.


Baidu has now been notified of the issues and has updated the SDK by limiting some of its functions: it can no longer download or upload files, scan for local apps, or add new contacts.

But the update did not come before Trend Micro researchers found malware making use of the SDK. The malware they found is known as “ANDROIDOS_WORMHOLE.HRXA.” The Wormhole vulnerability was originally identified by WooYun, a Chinese IT security company.

If you own an Android device, watch out for malware and don’t download apps from third-party platforms. Such platforms upload apps without scanning or verification, and most of these apps are developed for the purpose of snooping on your device.

Via: Trend Micro (http://blog.trendmicro.com/trendlabs-security-intelligence/setting-the-record-straight-on-moplus-sdk-and-the-wormhole-vulnerability/)

Source: FreeBuf (http://www.freebuf.com/news/83271.html)

Agan Uzunovic is a Bosnian journalist who is working for the country's largest newspaper. He has a keen interest in reporting on activism and hacktivism. He is also a contributor at U.S based Revolution News media. Agan reports and writes for HackRead on IT security related topics.
