Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
SystemSockbot malware was discovered in applications on Google Play Store
This month, Symantec discovered a new type of malware on Android called Sockbot, a legitimate application on Google Play that allows an attacker to create fake ad traffic.
This month, Symantec discovered a new type of malware on Android called Sockbot, a legitimate application on Google Play that allows an attacker to create fake ad traffic.
Symantec researchers claim that at least eight applications contain Sockbot identified and have between 600,000 and 2.6 million downloads and installations. The purpose of these applications is to change the look of the characters in the Minecraft Pocket Edition game. Besides, it also creates illegal advertising revenue.
- Google's new Play Protect system failed from the first test
Malware Sockbot implements a SOCKS proxy mechanism on infected devices
The name Sockbot comes from the operating mode of this malware. They install and deploy SOCKS proxy mechanisms on devices that infect and wait for commands from a remote C&C server.
Symantec also noted that this Sockbot malware could easily be expanded, leveraging some network vulnerabilities and being able to bypass security boundaries. In other words, attackers can use Sockbot to perform next DDoS attacks.
This is not the first Android botnet discovered this year. At the end of last August, the alliance of security firms together removed the botnet WireX, which includes more than 120,000 Android devices infecting and executing DDoS attacks.
Fortunately, Symantec has informed Google of eight malware-infected applications on October 6 and the company quickly deleted them from the Google Play store. However, this also reminds us to always be cautious when downloading any application on the Google Play Store store.
- Detect 17 applications that contain malware trojans on the App Store, if you have them on your computer, you should immediately remove them
- How to avoid Malware when downloading Pokemon GO?
- What to do when Google Play Store is not working?
- The best Google Play Store tips and tricks for Android users
- The Joker malware once again bypassed Google's security, spreading strongly on the Play Store
- Google declined to add 55% of the new Android application to Play Store in 2018, but that's not enough!
- What is PetitPotam Attack? How to overcome PetitPotam attack
- The Microsoft MSERT tool can find web shells related to the Exchange Server attack campaign
- Many encrypted SSDs can be decoded without a password
- Wsreset tool of Windows 10 Store was used by hackers to bypass anti-virus software
- CertUtil.exe allows an attacker to download malicious code and bypass antivirus software
- The CredSSP vulnerability in the RDP protocol affects all versions of Windows
- Detects two serious vulnerabilities on uTorrent that can help hackers execute malicious code or view download history on your computer
- Attack analysis uses Excel 4.0 macros to disguise
- Warning of dangerous vulnerabilities on WinRAR, users should uninstall or upgrade to a new version
- Zalo PC has a serious RCE error, you should be careful when receiving attachments
Technology story
Technology comments
Quiz technology
New technology
British talent technology
Attack the network
Artificial intelligence
Mac OS X
Hardware
Game