Kaspersky have found another scary trojan to wave under our noses and cause us to consider getting off the internet.
This one is called Triada and it targets Android devices with Windows-style malware swagger. Anyone running Android 4.4.4 and earlier is in trouble, according to Kaspersky, as they face an opponent created by “very professional cyber criminals” that can allow for in-app purchase theft and all the problems that come with privilege escalation.
And guess what? Android users dangle themselves in the way of the Triada threat when they download things from untrusted sources. Does no one listen to anything these days? Does it even matter? Kaspersky said in a blog post that the likely apps can “sometimes” make their way onto the official Android store.
There is something different about this attack. Kaspersky reports on a lot of these things, but Triada exploits Zygote, and that is a first.
“A distinguishing feature of this malware is the use of Zygote, the parent of the application process on an Android device that contains system libraries and frameworks used by every application installed on the device. In other words, it’s a demon whose purpose is to launch Android applications,” Kaspersky explained.
“This is the first time technology like this has been seen in the wild. Prior to this, a trojan using Zygote was known only as a proof-of-concept. The stealth capabilities of this malware are very advanced.
“After getting into the user’s device Triada implements in nearly every working process and continues to exist in the short-term memory. This makes it almost impossible to detect and delete using anti-malware solutions.”
The security firm added that the complexity of Triada’s functionality proves that professional cyber criminals with a deep understanding of the targeted mobile platform are behind the creation of this malware.
Kaspersky reckons that it is nigh on impossible to rid a device of the malware, and suggested that you might as well nuke your phone and start again.
Courtesy-TheInq
Comments