Biblioteca de virus
El análisis de tecnologías usadas por los malintencionados nos permite sacar conclusiones sobre los posibles vectores de desarrollo de la industria antivirus y afrontar las futuras amenazas con mayor eficacia. Entérese de cómo funcionan varios programas nocivos en sistemas infectados y cómo afrontarlo.
Android.Subscription in virus library:
Trojan applications for Android that subscribe users to paid mobile services. They are distributed as different legitimate software, like photo and video editors, multimedia apps, various system tools, launchers, navigation apps, and so on. Many of these apps are phony and lack any functionality. Others have minimal capabilities or can work completely different from what users would expect. Some of them can hide inside copies of initially harmless apps that malicious actors have modified.
When launched, trojans from the Android.Subscription family use a WebView system component. They will load affiliate services websites that activate paid subscriptions using Wap Click technology. These pages may contain specialized buttons with various content, banners, and other interactive elements. They may also have fields and forms to provide a mobile phone number. When the user taps these elements or provides a phone number, an attempt is made to automatically activate a paid service.
Below is an example of an affiliate service web page loaded by Android.Subscription trojans. This page is asking a potential victim for their mobile phone number.
Vulnerabilidades para Android
Según las estadísticas, cada quinto programa para el SO Android tiene vulnerabilidades, lo cual les permite a los malintencionados implementar los troyanos móviles en el dispositivo y realizar las acciones necesarias.
Auditor de seguridad en Dr.Web para Android diagnosticará y analizará la seguridad de un dispositivo móvil, ofrecerá soluciones para resolver los problemas y las vulnerabilidades encontrados.
