Friday, January 25, 2013

The largest botnet in China's history

Malicious program Android.Troj.mdk, which infected more than 1000000 Mobile devices (based on operating system Android) in China, was an updated version of the malware Android.Backscript.

Experts of the company Symantec claim that both malicious codes are similar. In addition, both use the same certificate to sign files APK.

The main difference Android.Troj.mdk from its progenitor (Android.Backscript) is that data encryption it uses encryption standard AES.

As previously reported, getting on the mobile device, the Trojan allows attackers to fully control it. This malware is generally used by cybercriminals to gather information: sms-messages, contact information and details about the location and movements of the device, and to steal files stored on the device.

Initially it was assumed that the attackers managed to introduce Android.Troj.mdk more than 7000 applications for Android. However, experts Symantec claim to have discovered more than 11,000 applications infected by this malware.


No comments:

Post a Comment