Are all Android Apps Trusted?



Mobile hacking and its countermeasures is an important part of CEH Training for understanding learning and providing protection from such attacks.
The practice of manipulating or gaining unauthorized access to mobile phones, for the malicious purpose is known as Mobile hacking.
Following are the types of attack used on mobile sector:
  • Malicious apps
  • Bluetooth hacking
  • SMS forwarding
  • Malicious Website clicking
for gaining access partially or at root level an attacker exploits a mobile system and tries to use the above attacks to completing its purpose.

SMS forwarders are essentially Trojans that steal authentication or verification codes sent via text messages from online payment service providers. The codes are intercepted and used by cyber villains to penetrate customer accounts
Analysis by outside firms has found multiple types of malware embedded in apps released on the Android Market. Some examples of malicious Android Apps, discovered and removed from the Market,
are:
  • Super Guitar Solo
  • Photo Editor
  • Advanced Currency Converter
The attacker always tries to have root level access so as to use the device for his own beneficial purpose.
There are different sets of attack modes used. One to the method is as below:
  • Make a malicious file and upload it to an app.
  • Let it a victim download it and open it
  • Due to the victim such action a reverse TCP connection is established.
  • From her attacker try to get root level access and perform the task for exploiting it and tries to get something valuable.

Don’t become a prey to the attackers
Every month huge amount of malware and untrusted apps are downloaded that make their systems vulnerable to different sets of attacks and even causes victim get compromised as a bot to an attacker. Understanding the grave nature of such android attacks, one needs to check for certificates of applications before downloading and ensure these applications come from a trusted source. Download the data from trusted partners only.

Comments