Updated:03:30 PM EDT Jul 21


this is ggmania.com subsite

NEWS
rss feed 
 
top 100
archive
submit news

FREE eBooks

REVIEWS
 
SOFTWARE
CD/DVD tools
Free Antivir
Security
Drivers
Utilities
 
FORUMS
comments
hardware
software
off-topic
 
LINKS
 
SPONSORS:

Forex Brokers Reviewed



Try to play real money casino with no risk by claiming offers at freespinsnodeposituk.com that lists no deposit free spins

When playing bingo online, we recommend to read verified reviews at bingosite.org.uk before choosing a bingo site to play at.



Bästa mobilcasino means the best mobile casino in Swedish. Visit NyaMobilCasinon.se and play at top smartphone casinos.

Looking for free spins? https://nyacasinonsverige.se/nya-free-spins/ Visit and claim 10, 20, 50 or more extra spins to play your favourite slots.

(C) 2006-2018 TechAmok
All Rights Reserved.


CONTACT
 
Android Banking Trojan Svpeng Adds Keylogger - TechAmok

Android Banking Trojan Svpeng Adds Keylogger - [security]
07:13 PM EDT - Aug,01 2017 - post a comment

The authors behind the Android banking malware family Svpeng have added a keylogger to a recent strain, giving attackers yet another way to steal sensitive data.

Roman Unuchek, a senior malware analyst with Kaspersky Lab, said Monday he spotted a new variant of the Trojan in mid-July. Unuchek says the keylogger takes advantage of Accessibility Services, an Android feature that assists users with disabilities or assists users to access apps while driving.

Unuchek specializes in digging up Android malware; earlier this summer he helped alert Google of two apps in its Play marketplace that were really Ztorg Trojans and another app that was a rooting Trojan, Dvmap.

According to the researcher the most recent iteration of Svpeng checks the device's language. If the language isn't Russian, it asks the device to use Accessibility Services, something that can subject the device to a number of dangerous outcomes.

“It grants itself device administrator rights, draws itself over other apps, installs itself as a default SMS app, and grants itself some dynamic permissions that include the ability to send and receive SMS, make calls, and read contacts,” Unuchek wrote Monday, “Furthermore, using its newly gained abilities the Trojan can block any attempt to remove device administrator rights – thereby preventing its uninstallation.”

Once afforded the ability to access to the inner workings of other apps on the device, Unuchek says Svpeng can steal text entered on other apps and take screenshots, information that's promptly fired off to the attackers' command and control server.

Unuchek said that as part of his research he managed to intercept an encrypted configuration file from the malware's C&C server. The file helped him determine some of the sites and services that Svpeng targets. He claims the file contained phishing URLs for both the PayPal and eBay mobile apps, along with URLs for banking apps from the UK, Germany, Turkey, Australia, France, Poland, and Singapore.

The file also contained an overlay for a rewards app – not a financial app: Speedy Rewards, an app distributed by the US gas station/convenience store chain Speedway.

In addition to including URLs, the file helps the malware receive the following commands from the server:

  • To send SMS
  • To collect info (Contacts, installed apps and call logs)
  • To collect all SMS from the device
  • To open URL
  • To start stealing incoming SMS

The most recent version of the Trojan, dubbed Trojan-Banker.AndroidOS.Svpeng.ae, isn't exactly widely deployed, Unuchek says. Only a small number of users were attacked over the course of a week, but it could stretch further. While the malware may have not hit a lot of users, those that were hit came from all corners of Europe – 23 countries, including Russia, Germany, Turkey, Poland, and France, according to Unuchek.



Add your comment (free registrationrequired)

Short overview of recent news articles

Jul,21 2018 Godzilla: King of the Monsters Official Trailer
Jul,21 2018 Godzilla Comes to VR
Jul,20 2018 Star Wars: The Clone Wars to Return With New Episodes
Jul,20 2018 TITANS - Official Trailer
Jul,20 2018 George R.R. Martin's Nightflyers Season 1 Comic-Con Trailer
Jul,19 2018 Corning Designed Gorilla Glass 6 to Better Handle Real-World Drops
Jul,19 2018 Hottest Babes on the Internet #97
Jul,18 2018 Google Vows to Appeal $5 Billion Fine from EU
Jul,18 2018 Frida Aasen In The Hottest Photoshoot Of The Year
Jul,18 2018 50 Years of Innovation at Intel
Jul,17 2018 BLOOD MACHINES Exclusive Trailer (2018) Sci-Fi Movie
Jul,17 2018 Assassination Nation Red Band Trailer #1 (2018)
Jul,17 2018 The Matrix: EARLY ACCESS
Jul,17 2018 How exactly does binary code work?
Jul,17 2018 Extract password from TeamViewer memory using Frida
Jul,16 2018 AVENGERS INFINITY WAR "Avengers VS Thanos" Fight
Jul,16 2018 Stability Audit: AMD vs NVIDIA
Jul,16 2018 Huawei Says GPU Turbo Update to Boost Mate 10 Pro, P20 Pro
>> News Archive <<

TechAmok - Privacy Policy        loading time:0.01secs