Library file in certain Android apps connects to C&C servers
Jump to navigation
Jump to search
(Publication) Google search: [1]
| Library file in certain Android apps connects to C&C servers | |
|---|---|
| 120px | |
| Botnet | |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2012 / 11 juin 2012 |
| Editor/Conference | Trend Micro |
| Link | http://blog.trendmicro.com/library-file-in-certain-android-apps-connects-to-cc-servers/ (Archive copy) |
| Author | Weichao Sun |
| Type | |
Abstract
“ We have uncovered certain Android apps (detected as ANDROIDOS_BOTPANDA.A) containing a malicious library file, which when executed, renders the infected device as a zombie device that connects to specific command and control (C&C) servers. What is also noteworthy about this file is that it hides its routines in the dynamic library, making it difficult to analyze.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1032,
editor = {Trend Micro},
author = {Weichao Sun},
title = {Library file in certain Android apps connects to C&C servers},
date = {Error: Invalid time.},
month = Error: Invalid time.,
year = {2012},
howpublished = {\url{http://blog.trendmicro.com/library-file-in-certain-android-apps-connects-to-cc-servers/}},
}