Hear, hear.
All the Nintendo fans with Android-operated smart-phones. A new piece of Android malware is showing up in third-party app stores dressed as a classic Nintendo game.
A renowned cybersecurity firm named Palo Alto Networks broke these news telling the public that it has discovered a completely new family of malware that is not only disguised as a but also behaves like advertising software, all while stealing personal information from infected Android devices. The malware is called Gunpoder, and it’s hidden in a gaming app.
The app is based on an open-source Nintendo Entertainment System emulator (an app that runs classic Nintendo games from the 1980s and early 1990s on mobile) and is available in third-party app stores. The bad actors behind the Gunpoder malware took the original emulator and added a payment function, advertising software, and a text feature that promotes the game using a device’s contact list. The result is a paid app that also steals your personal information.
Basically, here’s how this little shit works: Once downloaded, the app serves users a message that says the emulator is ad-supported. By touching “OK,” you are agreeing to let a program called Airpush collect data from your device. Airpush is a library typically used to push in app mobile ads. Within this NES emulator, however, it collects lots of personal information from a device, including a user’s location, their contact list, bookmarked websites, as well as information about the device itself.
“They’re trying to build a profile of people so they can target them for spearfishing or other malicious activity in the future,” says Scott Simkin, the senior threat intelligence manager at Palo Alto Networks. In addition to being able to target users for future attacks, Simkin says hackers can also sell user information on various webforums.
So beware of this software if you are using an Android-operated smart-phone!
All the Nintendo fans with Android-operated smart-phones. A new piece of Android malware is showing up in third-party app stores dressed as a classic Nintendo game.
A renowned cybersecurity firm named Palo Alto Networks broke these news telling the public that it has discovered a completely new family of malware that is not only disguised as a but also behaves like advertising software, all while stealing personal information from infected Android devices. The malware is called Gunpoder, and it’s hidden in a gaming app.
The app is based on an open-source Nintendo Entertainment System emulator (an app that runs classic Nintendo games from the 1980s and early 1990s on mobile) and is available in third-party app stores. The bad actors behind the Gunpoder malware took the original emulator and added a payment function, advertising software, and a text feature that promotes the game using a device’s contact list. The result is a paid app that also steals your personal information.
Basically, here’s how this little shit works: Once downloaded, the app serves users a message that says the emulator is ad-supported. By touching “OK,” you are agreeing to let a program called Airpush collect data from your device. Airpush is a library typically used to push in app mobile ads. Within this NES emulator, however, it collects lots of personal information from a device, including a user’s location, their contact list, bookmarked websites, as well as information about the device itself.
“They’re trying to build a profile of people so they can target them for spearfishing or other malicious activity in the future,” says Scott Simkin, the senior threat intelligence manager at Palo Alto Networks. In addition to being able to target users for future attacks, Simkin says hackers can also sell user information on various webforums.
So beware of this software if you are using an Android-operated smart-phone!
Post a Comment