RamKal Developers, which posted the app to the Play Store, also was behind a social messaging app, Whatsgram, that demonstrated much of the same behavior, according to Symantec. Nonetheless, we cannot entirely dismiss the possibility of the malware being used from click fraud or some other malicious end.” “However, the clicking events were not seen in action, even though all JavaScript codes were indeed loaded. “Looking at the three JavaScript codes, we initially believed that the app was originally designed to simulate clicking behind the scenes in order to generate ad revenues and increase web traffic (click fraud),” the researchers wrote in a blog post. Meanwhile, the would-be Telegram included three JavaScript codes to remotely control the program once it was on users’ phones. Many international users would have been tempted to download this program because it was available at least between January and May in countries where Telegram has been banned. Symantec’s discovery of MobonoGram 2019 provides the latest reminder that scammers use programs in the Google Play Store as Trojan horses to infiltrate users’ phones. The app also contained Android.FakeYouWon, a malware that displays websites promoting fake offers and scams. The program’s developers borrowed open-source code from the real Telegram app, a program that provides encrypted messaging, while adding code that forced the app to try to connect to gaming sites, pornography and other suspicious URLs on a constant basis. and the United Arab Emirates - before it was scrubbed from Google’s marketplace. The MobonoGram 2019 app was downloaded more than 100,000 times - mostly by users in Iran, the U.S. A bogus version of the messaging app Telegram infected downloaders’ phones with a pernicious strain of malware that sent devices searching for malicious sites on an endless loop, according to Symantec research published Monday.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |