More aggressive financial Android threats
Consumers have been increasingly turning to their smartphones and tablets in order to do their online banking or shopping.
Along with accessing banking apps, mobile devices can be used for two factor authentication (2FA) processes. Once the user tries to log into their online bank account on a computer, a code gets sent to their mobile device, which they can input onto the banking site to verify their identity.
Attackers have caught onto these methods and have developed Android malware to steal these 2FA codes. Threats such as Android.Hesperbot and Andro
Increasing stealth – Android bootkits
Bootkits are used in advanced threats to typically target Windows computers. These threats operate deep within the operating system, usually infecting the computer’s startup code, such as the Master Boot Record, allowing the malware to execute before the operating system starts up. These forms of threats let an attacker maintain persistence on the compromised computer and hide certain processes from detection. As a result, bootkits can be tricky to deal with, as their components are protected by rootkits or other stealth features. Symantec offers Symantec Power Eraser, Norton Power Eraser, or Norton Bootable Recovery Tool to remove these types of threats on computers.
New routes onto the handset
Android malware typically relies on tricking users into installing a malicious application from an Android marketplace. Increased screening of applications is making it more difficult for attackers to get their malicious apps onto the marketplace. Attackers are instead starting to use desktop computers as a vehicle onto Android handsets, leading to the birth of hybrid threats.
To avoid this threat, users should be wary of connecting their mobile device to untrustworthy desktop computers and ensure that they have security software on both their desktop and mobile devices.
Of course, desktops may not be the only medium involved in these hybrid threats. As the Internet of Things becomes a new reality, it’s likely we’ll see threats attempt to use mobile devices to infect home automation systems and vice-versa.
You can find more information about the above at http://www.symantec.com/
The contents of this post were taken from a press release by Symatec.