Friday , October 7 2022

There is a new virus that infects Android phones via SMS


The cybersecurity company ESET has discovered a new malware of type ransomware for Android able to enter the contact list of the infected device and distribute themselves massively through text messages. Although for now, its impact is still limited.

According to ESET researchers, they discovered the existence of this virus through a malicious campaign started being distributed through Reddit and a forum called for Android developers XDA Developers, where the attackers seduced their victims with publications or pornographic adornments, which included links or QR codes

"In a link shared on Reddit, the attackers used the URL shortener This URL was created on June 11, 2019", Detailed.

<img data-attachment-id = "210493" data-permalink = "" data-orig -file = "" data-orig-size = "631,402" data-comments-open = "0" data-image-meta = "{" aperture ":" 0 "," credit ":" "," camera ":" "," caption ":" "," created_timestamp ":" 0 "," copyright ":" "," focal_length ":" 0 "," iso ":" 0 "," shutter_speed ":" 0 "," title ":" "," orientation ":" 0 "}" data-image-title = "Android Virus" data-image-description = "

They are warning about a new Android virus

"data-medium-file =" "data- large-file = "" class = "size- full wp image-210493 "src =" " alt = "Warning for new virus for Android" width = "631" height = "402" srcset = " Android .jpg? w = 631 & quality = 90 & ssl = 1 631w, = 1 300w "size =" (max-width: 631px) 100vw, 631px "data-recalc-dims =" 1 "/>

(Photo: Welivesecurity)

They are warning about a new Android virus

The message received from the attacked devices is a link that offers the option of downloading an application – which is an online sex simulator – and which is even configured with the language configured on the device in addition to including the name of the device. contact When the cell becomes infected, they explain:

"The ransomware controls the files in accessible storage, that is every storage device, except where the system files reside and encrypts most of them. (…) After encrypting the files, the ransomware displays its return note. The requested rescue is partially dynamic. The first part of the amount of bitcoins that will be requested is encrypted (the value is 0.01), while the remaining six digits are the user ID generated by the malware. "

But, as the researchers point out, the creators of this malware they are "amateurs" Because by analyzing their encryption techniques – which exclude files of over 50MB and images of less than 150kb -, they were able to see that they were "very poor". "It appears criminals have copied the list of Wannacry viruses," says lead researcher Lukas Stefanko.

However, these cyber-hackers should not be underestimated, they warn: "It is likely that the perpetrator is trying to improve this malware, fixing existing failures and looking for more advanced distribution, so it could become a very dangerous threat."

Source link