Trojan infection when using KakaoTalk

Trend Micro, a security firm in Japan, recently discovered KakaoTalk and many other messaging applications are becoming targets of hackers 'attacks, threatening users' information security.

Trojan infection when using KakaoTalk

Trend Micro, a security firm in Japan, recently discovered KakaoTalk and many other messaging applications are becoming targets of hackers 'attacks, threatening users' information security.

One of the most sophisticated ways for hackers to attack users is to write a legitimate version of popular applications and add malicious code to it. This will create an application containing trojans, but users will not know what is the real version and what is the malicious version.

In the case of the recent discovery in Japan, the malicious trojan version of KakaoTalk was discovered named ANDROIDOS_ANALITYFTP.A. This version has been spread through email. If you compare detailed applications, users can see the differences between versions.

Trojan infection when using KakaoTalk Picture 1
Differences between legal (left) and malicious KakaoTalk versions (right).

In addition, users also have a way to distinguish between the original application version and the trojan version. It is trojan applications that always require more access than legitimate applications.

Trojan infection when using KakaoTalk Picture 2
The Trojan version always requires more permissions.

ANDROIDOS_ANALITYFTP.A is identified as a trojan of tracking nature. Taking advantage of the invariant in the Android programming language, Java, the attacker will set up applications that regularly send owners contact information, text messages . This data can become a platform. for the next attack.

Besides creating malicious trojan application versions, the fake application is also used in KakaoTalk case. About a month ago, KakaoTalk warned users, through their official Twitter account, about a "KakaoTalk Security Plugin".

Trojan infection when using KakaoTalk Picture 3
KakaoTalk notifications from Twitter.

This fake application is known as ANDROIDOS_FAKEKKAO.A. A lot of people have been tricked for being named KakaoTalk, and then "Security" feels safe for users to download.

Trojan infection when using KakaoTalk Picture 4
Fake software is inserted into legitimate software.

Prevention:

The best way to prevent these threats is to avoid downloading applications outside of Google Play. Even, users should check the legality of current applications, to detect trojan versions. In addition, using a security solution like Trend Micro Mobile Security for mobile devices is also a must.

Besides the wise use of users, the responsibility of the application developers should also be emphasized. When creating and deciding to market, developers need to evaluate software, this application is at risk of being exploited, installing trojans or not. This not only helps users, but will also affect the reputation of the application developer itself.

How to create a KakaoTalk account
kakaotalk is a popular messaging and social networking application for young people all over the world. so how to register kakaotalk account like?
What is a Trojan? How to avoid trojan attack?
a trojan is not a virus, but its severity and impact are not different from viruses.
Vietnam ranked 8th in the rate of virus infection
kaspersky lab security company announced on november 10 the malware statistics in october 2009. accordingly, the rate of virus infection through the website of vietnam is 2.7%, ranking 8th among 10 countries with the highest infection rates.
Flash funny ... 'piggyback' on Trojan
security firm sophos labs recommends that users be careful with funny flash clips that appear on the internet, which could be the source of trojan infection on your pc.
Alarm of dangerous bot, Trojan infection rate
the latest statistics from microsoft show that backdoor trojans and bots are really terrible dangers for windows users. however, the rootkits infection rate is on the decline, partly due to updated security applications that add anti-rootkit features.
What is Trojan Dropper?
one particular program used by cyber criminals in their illegal transactions is the trojan dropper program. so how does this happen and how can you prevent it?
Again Trojan appeared to attack Mac OS
securemac, in a security warning message last week, said the applescript.tht trojan was released through a number of malicious websites.
Appeared Trojans spy on businesses
bitdefender warned of the dangers of a new spy trojan described by them as 'scary rivals', which can be used as an enterprise scout tool.
The fake Trojan add-on Trojan is extremely dangerous
security firm mcafee yesterday discovered a fake trojan as an add-on for the firefox browser to break into users' systems.
Appeared trojan trojan antivirus tool for mobile
this trojan called doomboot.g specializes in pretending to be an antivirus application called exovirusstop by exosyphen studios. jarno niemela, a virus researcher with security firm f-secure, said that this was the first trojan to attack
Microsoft warned the Emotet trojan back on a large scale, stealing the victim's banking information
after 5 months of silence, from february 2020 until now, the emotet trojan has just officially returned with a larger scale.
Carefully stolen information with Trojan - How to disable Trojan
you are using the internet with a password only you know, but somehow you are still using someone else's account. you suspect your mailbox has been previewed by other people even though you did not go to a public internet service to get it, so you cannot reveal your login information. if so, it is very likely that your computer has been installed or infected with trojan.