Obad is the Baddest Android Trojan on the Block

obad_android_trojan

There is a new Android Trojan in town and this is one bad dude. Backdoor.AndroidOS.Obad or “Obad” as it is known on the street, is the most sophisticated Trojan ever seen, rivaling the capabilities of Windows based malware.

Yesterday a Malware Analysts Expert from Kapersky Labs released an announcement on a new Trojan that seemed like it was written for Windows and not an Android Device.

Earning it the dubious title “The Most Sophisticated Android Trojan“.

Sure it sends SMS messages to high rate numbers like many other Android malware apps, but there are several new features that really set this one apart. According to the report, Obad also has the following capabilities:

  • Downloads and installs other malware programs
  • Propagates malware to other devices via Bluetooth
  • Fully functional remote Command & Control

The ability to download other malware programs has been a Windows Trojan staple feature for a long time. But being able to use Bluetooth as a springboard to infect other devices is pretty concerning.

Obad_android_trojan01

Obad’s Command & Control features allow cyber criminals to send commands via SMS messaging, use a remote shell, download remote files, pull application & personal data from the phone, and attack other devices by using Bluetooth.

Another unique feature is that Obad can also freeze the display for up to 10 seconds to hide what it is doing from the device owner.

Using obfuscated code and several new vulnerabilities, Obad definitely raises the stakes in the mobile malware department. Thankfully it is not very well wide spread at the moment.

For more information check out the Kapersky Team’s complete analysis.

Advertisements

Hackers and Predators – The Dangers of Social Networking

Social Engineering and Phishing attacks (bad guys pretending to be someone else to obtain information from you) are some of the biggest threats against your network today. Why would hackers spend days, months, years trying to hack through a firewall or corporate website when they can get quick access by tricking someone to open a backdoored document or run a remote access program?

But how do these attackers know who to attack in a corporate network, or the best way to word a malicious communication attempt to get you to click on it?

Social Media sites!

Two years ago I became aware of a tactic of hackers gaining access to systems by targeting teens. Hackers created malicious sites based on popular teen based movies and pop stars. Now it seems that hackers and cyber criminals have shifted a lot of focus to social media sites.

Hackers target social sites like LinkedIn and even Facebook to to obtain tons of information about potential targets. As a matter of fact, Social Engineers have created bogus LinkedIn users and used a programming interface to easily search for users at a particular place of business and pull a lot of information from their account that could be used in a Social Engineering attack.

Unfortunately there is also a disturbing trend of stalkers and predators possibly using social media sites to track or find potential victims. For over a year and a half, the community awareness website ICanStalkU.com showed internet users how easy it was to pull geotag information from pictures posted on social media sites. They would post a picture pulled from a social site along with the posters user name and… Their Location!

Sadly a recent story by the Associated Press talks about how predators in Indonesia were using Facebook to solicit young teenage girls, and then kidnap and traffic them:

“When a 14-year-old girl received a Facebook friend request from an older man she didn’t know, she accepted it out of curiosity. It’s a click she will forever regret, leading to a brutal story that has repeated itself as sexual predators find new ways to exploit Indonesia’s growing obsession with social media.

The junior high student was quickly smitten by the man’s smooth online flattery. They exchanged phone numbers, and his attention increased with rapid-fire texts. He convinced her to meet in a mall, and she found him just as charming in person.”

The young girl was smitten by the online user’s charm. The simple friend request, exchange of information and finally an in-person meeting led the 14 year old girl into the hands of a 24 year old predator. The monster kidnapped her, she was drugged, beaten and raped.

According to the article there were 7 girls this month in Indonesia who were abducted by people they had met on Facebook.

People are way to trusting on Social Media sites. Do not friend people that you do not know. Be careful how much information you put on business sites like LinkedIn. Keep an eye on young users using social media and warn them about the potential risks of strangers.

Social media is a great thing, it helps us keep in touch with friends, family and co-workers. But there are dangers with online networking. Surf safely!