Nextworm
spydealer

New malware attack android devices. Be Alert!!

Recently a new malware is appeared and now targeting to  Android devices. This malware has infected data over 40 applications including Facebook, Whatsapp, Skype, and other applications. Researchers at Palo Alto Network say that the malware is called SpyDealer. Then, like what is SpyDealer malware?

What is SpyDealer Malware?

SpyDealer collects personal information including phone number, IMEI, IMSI, SMS, MMS, contacts, account, call history, location and wi-fi information connected. This malware can track the location of the device and record images and audio. Additionally, this malware can also answer phone calls from certain numbers and remote devices through UDP, TCP and SMS channels. To control the victim device, the malware implements three different C2 channels and supports more than 50 commands. Some users in China are infected with this malware through a disrupted wireless network.

This Android Versions are Vulnerable to Malware

SpyDealer has infected several users in China. This malware is only really effective on android devices running versions between 2.2 and 4.4. This is because the rooting tool used only supports that version. Thus, about 25% of this android device is active worldwide. For new Android users, this malware can steal a large amount of information but can not perform actions that require higher security. Researchers say they have found more than 1,000 malware samples. Most samples use the app name “GoogleService” or “GoogleUpdate”. The latest samples observed by researchers were created in May 2017. So you need to be careful with this malware. Especially you are Android users version 2.2 to 4.4.

Mani balan