Mobile Malware Hides in Plain Sight

Thursday, June 27, 2013 @ 06:06 PM gHale


Whether it a desktop or a mobile device, attacks and new versions of malware are getting more sophisticated every day, which is why a strong defense in depth program remains vital.

Just take the Android/Obad.A mobile malware. This malware is complex because it uses Bluetooth to infect other Android devices; accepts commands from the attacker, and it hides from the Device Administration list.

RELATED STORIES
Ransomware Attacks Android Devices
Ransomware that Steals Passwords
Ransomware Encrypts Data
Ransomware Uses Java Zero Day

While other mobile malware propagated via Bluetooth and others have accepted commands from attackers’ control servers, but having the ability to disappear from a standard listing makes Android/Obad a bit more difficult, said researchers at McAfee.

Nearly every other piece of Android malware that doesn’t have root access is possible to find and then replace it. But Android/Obad uses a vulnerability that keeps it off the standard Device Administration list. The vulnerability remains open, so other code writers will leverage that issue.

A McAfee Mobile Innovations app (MMI) should be able to help find the hidden code.

The Hidden Device Administrator Detector searches and finds all apps that have Device Admin access, even if they’re using the vulnerability to hide from the Android OS. Once you run it, it will give you a list of all hidden Device Admin apps and the option to deactivate or remove them.



Leave a Reply

You must be logged in to post a comment.