Developers behind an Android banking Trojan have fortified the malware with an exploit to help it gain root privileges. This is the first time a mobile banker that tries to obtain root privileges has been seen in the wild. Researchers detected the Tordow Trojan in February, but attackers have apparently tweaked it over the last several months to help it gain root privileges.
Once malicious code in the app is triggered, it downloads additional malware, including an exploit pack that is downloaded to the system folder and grants the attacker root privileges on the device. With that, the attacker can do pretty much whatever he wants, Kivva writes. The Trojan can steal credentials from browsers installed on infected devices (the default Android browser, or Chrome if it’s installed) and eavesdrop on SMS messages and calls. With access to browser data, attackers can glean victims’ bank account information, such as logins, stored banking passwords, and cookies, assuming they’ve been saved in the browser.
Submitted by: Arnfried Walbrecht