Iranian Golden Pages Canada - Zarvaragh.com
Home Directory Promote Your Business Services Need Business Advice? About Us Contact Us  
 


Advanced Search



 




Contact us to promote your business
Your listing will appear on Google!
 

DressCode Android Malware Discovered on Google Play




by Alon Menczer and Alexander Lysunets, Check Point Research Team
The Check Point mobile threat prevention research team discovered a new Android malware on Google Play, called “DressCode,” which was embedded into more than 40 apps, and found in more than 400 additional apps on third party app stores. Check Point notified Google about the malicious apps, and some have already been removed from Google Play.

The oldest apps were uploaded to Google Play on April 2016, where they remained undetected until recently. Some of the apps reached between 100,000 and 500,000 downloads each. Between 500,000 and 2,000,000 users downloaded the malicious apps from Google Play.

Similar to Viking Horde, DressCode creates a botnet that uses proxied IP addresses, which Check Point researchers suspect were used to disguise ad clicks and generate false traffic, generating revenue for the attacker. A botnet is a group of devices controlled by hackers without the knowledge of their owners. The bots can be used for various reasons based on the distributed computing capabilities of all the devices. The larger the botnet, the greater its capabilities.

Once installed on the device, DressCode initiates communication with its command and control server. Currently, after the initial connection is established, the C&C server orders the malware to “sleep,” to keep it dormant until there’s a use for the infected device. When the attacker wants to activate the malware, he can turn the device into a socks proxy, rerouting traffic through it.

So, why should you be concerned about such malware?

Both Viking Horde and DressCode malware create botnets which can be used for various purposes, and even to infiltrate internal networks. Since the malware allows the attacker to route communications through the victim’s device, the attacker can access any internal network to which the device belongs. This can compromise security for enterprises and organizations.

To demonstrate how this could be achieved, Check Point researchers created a video , showing how attackers could potentially use the DressCode malware to access an internal network and retrieve sensitive files from it.

Appendix – Package names found on Google Play

com.dark.kazy.goddess.lp
com.whispering.kazy.spirits.pih
com.shelter.kazy.ghost.jkv
com.forsaken.kazy.game.house
com.dress.up.Musa.Winx.Stella.Tecna.Bloom.Flora
com.dress.up.princess.Apple.White.Raven.Queen.Ashlynn.Ella.Ever.After.High
com.monster.high.Dracubecca.freaky.Fusion.draculaura
com.dress.up.Cerise.Hood.Raven.Queen.Apple.White.Ever.After.Monster.High
com.ever.after.high.Swan.Duchess.barbie.game
com.cute.dressup.anime.waitress
com.rapunzel.naughty.or.nice
guide.slither.skins
clash.royale.guide
guide.lenses.snapchat
com.minecraft.skins.superhero
com.catalogstalkerskinforminecraft_.ncyc
com.applike.robotsskinsforminecraft
com.temalebedew.modgtavformcpe
com.manasoft.skinsforminecraftunique
com.romanseverny.militaryskinsforminecraft
com.temalebedew.animalskinsforminecraft
com.temalebedew.skinsoncartoonsforminecraft
com.str.carmodsforminecraft
com.hairstyles.stepbystep.yyhb
com.str.mapsfnafforminecraft
com.weave.braids.steps.txkw
mech.mod.mcpe
com.applike.animeskinsforminecraftjcxw
com.str.furnituremodforminecraft
com.vladgamerapp.skin.editor.for_.minecraft
ru.sgejko.horror.mv
com.vladgamerapp.skins.for_.minecraft.girls
com.zaharzorkin.cleomodsforgtasailht
com.temalebedew.ponyskins
com.my.first.date.stories
com.gta.mod.minecraft.raccoon
com.applike.hotskinsforminecraft
com.applike.serversforminecraftpe
com.zaharzorkin.pistonsmod
wiki.clash.guide
mobile.strike.guide
prank.calling.app
sonic.dash.guide


2368 page views
Want to convert pinglish to english?   Want to convert date?   Want to find out today's currencies' value?
         
Need a dictionary?   Want to download Zarvaragh's pdf version?   Need business advice?

 
 
 
 
 
   
 
   
 
 
 
     
 
Head Office
Toronto, Ontario, Canada
Phone: 416-222-2211
Toll Free: 1-855-460-2211
Fax: 416-222-7422
mail@zarvaragh.com
   
3500 Dufferin Street
Suite 603 Toronto,ON M3K 1N2

Montreal, Québec, Canada
Toll Free: 1-855-460-2211
Fax: 416-222-7422
montreal@zarvaragh.com

Orange, California, USA
Phone: 714-978-4888
Toll Free: 1-855-460-2211
usa@zarvaragh.com

© 2011 www.zarvaragh.com
Sitemap:

Home
Add Your Business
Directory
Promote Your Business
Services
Need Business Advice
About Us
Contact Us
Website Legals
Download Zarvaragh Online Versions:

2015 - 2016
2014 - 2015
2013 - 2014
2012 - 2013
2011 - 2012
2010 - 2011
2009 - 2010
2008 - 2009
2007 - 2008
2006 - 2007
2004 - 2005