HackRead
Hackers Cloning Popular Android Apps to Infect Users with Malware

April 12th, 2017 | Jahanzaib Hassan | Security, Android, Malware

IT security researchers at Palo Alto Networks have discovered new samples of the adware family “Ewind”. As if earlier versions of the adware weren’t good enough, hackers have made some lethal modifications in the new samples, and it is looking even more dangerous than before.

Researchers believe that the new modifications in “Ewind” have made it much more than just ordinary adware. As they wrote in their blog post, “Ewind is more than simply Adware. Ewind is, at very least, an actual Trojan – subverting genuine Android apps. The actor behind this activity can easily take full control of the victim device.”

When investigating multiple samples of Ewind, researchers found that the adware can do a lot of damage to its victim and can perform multiple tasks. Once it gains administrative rights, attackers can send several commands to the infected device, including locking the screen, displaying different ads, preventing the uninstallation of the app, etc.

Ewind malware can control how and when the screen should be locked.

Ewind can also be used to steal SMS messages and contacts from an infected device. The hackers can steal the sender’s phone number and the SMS content, and it is likely that the feature can be used to bypass two-factor authentication.

In case you are wondering how adware can perform all the above-mentioned functions, here is the answer: Ewind carries a list of “targeted apps”, and every time it spots a targeted app, the adware sends a signal to its command and control (C2) server, which then notifies Ewind to execute the relevant command.

Old School Trick: Hackers behind the adware are using an old school trick to promote Ewind. The trick involves disassembling a popular app from the Play Store, cloning it with malicious code inside, and uploading it to third-party stores to hunt unwitting users.

Some of the popular cloned apps targeted by Ewind include GTA Vice City, AVG cleaner, Minecraft – Pocket Edition, Avast! Ransomware Removal, Vkontakte, and Opera Mobile.

The security firm also found conclusive evidence suggesting that the culprits behind this vicious scheme are from Russia. However, they noticed something strange, something unusual. The hackers are not even sparing their countrymen; this has never happened before.

The researchers further explained that “Usually Russian actors avoid targeting Russian subjects. Deliberate targeting of Russians, in this case – by an apparently Russian actor – is therefore somewhat unusual.”


Stay safe! Here is what you need to do to avoid being a victim of this vicious malware: never download anything from an untrusted third-party store, or at the very least avoid giving administrative access to such apps.
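For anyone managing more than one phone, the same advice can be turned into a check over an app inventory. The sketch below is an added example, not code from the researchers or from Ewind; the package names, certificate digests, inventory records and the `KNOWN_GOOD_SIGNERS` allowlist are all constructed for illustration. It flags apps that carry a well-known package name but a different signing certificate (the mark of a repackaged clone), along with sideloaded apps that hold device-admin rights or SMS/contacts access.

```python
# Triage of an installed-app inventory for the traits described in the article.
# Every package name, digest and record here is constructed sample data.

PLAY_STORE = "com.android.vending"  # installer package name of Google Play
RISKY_PERMS = {
    "android.permission.READ_SMS",
    "android.permission.RECEIVE_SMS",
    "android.permission.READ_CONTACTS",
}
# Hypothetical allowlist: package name -> SHA-256 of the genuine signing certificate
KNOWN_GOOD_SIGNERS = {
    "com.example.popgame": "aa" * 32,
    "com.example.cleaner": "bb" * 32,
}

def triage(app):
    """Return the reasons (possibly none) why an installed app deserves review."""
    reasons = []
    expected = KNOWN_GOOD_SIGNERS.get(app["package"])
    if expected and app["signer_sha256"].lower() != expected:
        # Known package name signed with someone else's key: repackaged clone
        reasons.append("signer-mismatch")
    if app.get("installer") != PLAY_STORE:
        reasons.append("sideloaded")
    if app.get("device_admin"):
        reasons.append("device-admin")
    if RISKY_PERMS & set(app.get("permissions", [])):
        reasons.append("sms-or-contacts-access")
    return reasons

def high_risk(app):
    """Clone of a known app, or a sideloaded app holding device-admin rights."""
    r = triage(app)
    return "signer-mismatch" in r or {"sideloaded", "device-admin"} <= set(r)

# Constructed inventory, e.g. collected from several managed devices
INVENTORY = [
    {"device": "phone-1", "package": "com.example.popgame", "signer_sha256": "aa" * 32,
     "installer": PLAY_STORE, "device_admin": False,
     "permissions": ["android.permission.INTERNET"]},
    {"device": "phone-2", "package": "com.example.popgame", "signer_sha256": "cc" * 32,
     "installer": None, "device_admin": True,
     "permissions": ["android.permission.READ_SMS", "android.permission.READ_CONTACTS"]},
    {"device": "phone-3", "package": "com.example.notes", "signer_sha256": "dd" * 32,
     "installer": "com.example.altstore", "device_admin": False, "permissions": []},
]

if __name__ == "__main__":
    for app in INVENTORY:
        print(app["device"], app["package"], triage(app), "HIGH" if high_risk(app) else "")
```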

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.
