Published On: Tue, Sep 26th, 2017

Decade-Old “Dirty COW” Security Bug Makes a Comeback to Bite Android Users

If there already wasn’t adequate Android malware going around, now a criminals are regulating Linux exploits to conflict a most-used mobile handling system. In an advisory published today, confidence researchers during Trend Micro advise that a newly rescued Android malware is exploiting a scandalous Dirty COW Linux confidence bug that was initial reported a year ago though was partial of Linux for over 9 years.

“Any user can turn base in 5 seconds in my testing, really reliably. Scary stuff,” Linux developer Phil Oester who rescued this disadvantage had pronounced during a time.

play-store-3Related Google Fights 2nd Biggest Malware Outbreak Ever; Make Sure You Don’t Have ANY of These Apps Installed on Your Devices

Dirty COW rescued in an Android malware family, sheltered as antagonistic publishing and diversion apps

Now, a confidence researchers are job a Android chronicle of this smirch ZNIU that is being tracked as CVE-2016-5195. Detected in over 40 countries, it is deliberate as a critical payoff escalation smirch that allows an assailant to benefit base entrance on a targeted system. “As of this writing, we have rescued some-more than 5,000 influenced users,” Trend Micro researchers write.

“Our information also shows that some-more than 1,200 antagonistic apps that lift ZNIU were found in antagonistic websites with an existent rootkit that exploits Dirty COW, disguising themselves as publishing and diversion apps, among others.”

In their post today, researchers Jason Gu, Veo Zhang, and Seven Shen pronounced that ZNIU enables enemy to infiltrate a exposed device remotely, after that they collect information and even send payments by reward SMS messages to a manikin Chinese company.

motog4Related Having Issues With Bluetooth On Your Motorola Device? Don’t Worry, Here is a Fix!

When a SMS transaction is over, a malware will undo a messages from a device, withdrawal no pointer of a transaction between a conduit and a malware operator.

Google had expelled a repair for Dirty COW confidence disadvantage in a patch expelled in Dec final year. “Dirty COW attacks on Android has been wordless given a discovery, maybe since it took enemy some time to build a fast feat for vital devices,” a confidence association added.

Trend Micro has now updated a hunt hulk about a latest malware strain, however, Google confirms that Google Play Protect will keep a users protected opposite this malware. Those who get their apps from third-party sources (as Android users in China have to) will be during a risk of being exploited by this Android Dirty COW malware. The confidence organisation has suggested users to implement apps from trusted third-party app stores if a central Google Play Store isn’t accessible in their country.

About the Author

Leave a comment

XHTML: You can use these html tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>