New Trojan, virus data

In the Android ecosystem, an interesting creation of unknown hands, capable of recording outgoing calls from the device, saving them in .amr format to the SD card of the device. Called Golddream.A and discovered by security specialist (Dinesh Venkatesan) from CA Technologies.

The process by which everything happens is simple to the point of triviality - as soon as you install an infected application on a device, it resets the configuration file to the device, slightly specifying the parameters of the “remote server” and the operation of the application. As soon as this is done, a small functionality of the automatic recording of voice calls with subsequent saving is downloaded. Venkasetan tested the malware in two mobile emulators and the result was the same - the callrecord folder with the recording files of each “conversation” appeared on the map. It is especially interesting that Golddream has a configuration for downloading these files to a remote server.

Strictly speaking - viral and other similar software began to grow in the Android Market like mushrooms after a rain in February 2011, when DroidDream first appeared. More than 50 applications containing the Trojan code were removed, but their creators did not calm down - GGTracker and DroidDream Light came in, working on the same principle.

But this does not mean that they should not be afraid. Once the malware has established communication with the command center, it can grow into something more, allowing its operator to program more functionality. In this case, the control of the infected device in fact no longer belongs to its owner, but rather resembles computer management as part of a botnet.
')
The best solution to this problem are two things:
- regularly check the permissions of each installed application
- check the application using antivirus or the appropriate application during the download process (such as Norton, Lookout, Bitdefender and NetQin).

In addition to the already mentioned method of infection by the authors of viruses, other techniques are used. GGTracker infected other phones with SMS messages, and now “Malvertising” has become fashionable, when a user who clicks on an advertisement is redirected to a website that starts automatic software download.

Lookout speaks of an 85% increase in the number of malicious programs in the second quarter of 2011, based on data collected with the help of users of their own application - today there are almost 10 million of them and the number is increasing by 1 million . every month.





via TC , RRW