Library file in certain Android apps connects to C&C servers
Revision as of 22:13, 5 August 2015 by Eric.freyssinet (talk | contribs) (Text replacement - " blog.trendmicro.com" to "")
(Publication) Google search: [1]
Library file in certain Android apps connects to C&C servers | |
---|---|
120px | |
Botnet | |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2012 / 11 juin 2012 |
Editor/Conference | Trend Micro |
Link | http://blog.trendmicro.com/library-file-in-certain-android-apps-connects-to-cc-servers/ (Archive copy) |
Author | Weichao Sun |
Type |
Abstract
“ We have uncovered certain Android apps (detected as ANDROIDOS_BOTPANDA.A) containing a malicious library file, which when executed, renders the infected device as a zombie device that connects to specific command and control (C&C) servers. What is also noteworthy about this file is that it hides its routines in the dynamic library, making it difficult to analyze.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1032, editor = {Trend Micro}, author = {Weichao Sun}, title = {Library file in certain Android apps connects to C&C servers}, date = {Error: Invalid time.}, month = Error: Invalid time., year = {2012}, howpublished = {\url{http://blog.trendmicro.com/library-file-in-certain-android-apps-connects-to-cc-servers/}}, }