Tech
Android Malware ‘Dresscode’ In Google Play Store: Here’s How Malware Works [VIDEO]
Meg K.
First Posted: Sep 05, 2016 05:10 AM EDT
New reports suggest a new Android malware dubbed "Dresscode" has infected around 40 Google Play store apps and over 400 apps listed in third-party app stores. The malware was first discovered by researchers from IT security company Check Point.
What's alarming is the fact that DressCode-infected malicious apps on Google Play have already been downloaded by 500,000 to 2,000,000 users. In fact, some of the apps have reached between 100,000 and 500,000 downloads each, according to Check Point researchers Alon Menczer and Alexander Lysunets. It was found that the "DressCode" Android malware infected apps made their way to the Google Play Store starting April 2016, reported BGR.
It is to be noted that "DressCode" converts infected apps into proxy servers to create a botnet, which hackers can use to gain control over the devices. Generally, Bots can be used to distribute phishing links, malware and ransomware. A botnet's capabilities depends on its size. This means larger botnets come with more extensive capabilities. Researchers speculated that the hackers used the proxied IP addresses behind the malware to generate revenue by to generate revenue by disguising ad clicks and generating false traffic.
"Once installed on the device, DressCode initiates communication with its command and control server," the researchers noted, according to IBTimes. "Currently, after the initial connection is established, the C&C server orders the malware to "sleep," to keep it dormant until there's a use for the infected device. When the attacker wants to activate the malware, he can turn the device into a socks proxy, rerouting traffic through it."
They added that once the malware gets downloaded, it allows the hacker to route communications through the victim's device and access any internal network to which the device belongs. This as a result can prejudice security for enterprises and organizations. Readers can check out the video posted below to know how the "DressCode" malware can be used by hackers to retrieve documents and other file types from internal networks.
Stay tuned to SWR for more updates on Android malware "Dresscode" affecting Google Play store apps.
See Now:
NASA's Juno Spacecraft's Rendezvous With Jupiter's Mammoth Cyclone
TagsAndroid Malware, Android Malware ‘Dresscode’, Android Malware ‘Dresscode’ In Google Play Store, Google Play store, apps ©2024 ScienceWorldReport.com All rights reserved. Do not reproduce without permission. The window to the world of science news.
More on SCIENCEwr
First Posted: Sep 05, 2016 05:10 AM EDT
New reports suggest a new Android malware dubbed "Dresscode" has infected around 40 Google Play store apps and over 400 apps listed in third-party app stores. The malware was first discovered by researchers from IT security company Check Point.
What's alarming is the fact that DressCode-infected malicious apps on Google Play have already been downloaded by 500,000 to 2,000,000 users. In fact, some of the apps have reached between 100,000 and 500,000 downloads each, according to Check Point researchers Alon Menczer and Alexander Lysunets. It was found that the "DressCode" Android malware infected apps made their way to the Google Play Store starting April 2016, reported BGR.
It is to be noted that "DressCode" converts infected apps into proxy servers to create a botnet, which hackers can use to gain control over the devices. Generally, Bots can be used to distribute phishing links, malware and ransomware. A botnet's capabilities depends on its size. This means larger botnets come with more extensive capabilities. Researchers speculated that the hackers used the proxied IP addresses behind the malware to generate revenue by to generate revenue by disguising ad clicks and generating false traffic.
"Once installed on the device, DressCode initiates communication with its command and control server," the researchers noted, according to IBTimes. "Currently, after the initial connection is established, the C&C server orders the malware to "sleep," to keep it dormant until there's a use for the infected device. When the attacker wants to activate the malware, he can turn the device into a socks proxy, rerouting traffic through it."
They added that once the malware gets downloaded, it allows the hacker to route communications through the victim's device and access any internal network to which the device belongs. This as a result can prejudice security for enterprises and organizations. Readers can check out the video posted below to know how the "DressCode" malware can be used by hackers to retrieve documents and other file types from internal networks.
Stay tuned to SWR for more updates on Android malware "Dresscode" affecting Google Play store apps.
See Now: NASA's Juno Spacecraft's Rendezvous With Jupiter's Mammoth Cyclone