Sat, Jun 24, 2017 | updated 04:06 AM IST

New Dvmap Trojan can delete system's root access, reveals Kaspersky

Updated: Jun 10, 2017 12:40 IST      
New Dvmap Trojan can delete system's root access, reveals Kaspersky

New Delhi [India], June 10 (ANI): The recently discovered Dvmap Trojan can destroy root access after gaining rights on an Android smartphone, revealed Kaspersky Lab experts. Subsequently, since it cannot be detected, there also looms a threat of the device being controlled by the Trojan, by injecting a malicious code into the system library.

The introduction of the code injection capability is a dangerous new development in mobile malware. Since the approach can be used to execute malicious modules even with root access deleted, any security solutions and banking apps with root-detection features that are installed after infection won't spot the presence of the malware.

However, modification of the system libraries is a risky process that can misfire. The researchers observed that the Dvmap malware tracks and reports its every move to its command and control server - although the command server didn't respond with instructions. This suggests that the malware is not yet fully ready or implemented.

Dvmap is distributed as a game through Google Play Store. To bypass the store's security checks, the malware creators uploaded a clean app to the store at the end of March 2017.They then updated this with a malicious version for a short period of time, before uploading another clean version. In the space of four weeks they did this at least five times.

The Dvmap Trojan installs itself onto a victim device in two stages. During the initial phase, the malware tries to gain root rights on the device. If successful, it will install a number of tools, some of which carry comments in the Chinese language. One of these modules is an application, 'com.qualcmm.timeservice', which connects the Trojan to its command and control server. However, during the period of investigation the malware did not receive any commands in return.

In the main phase of infection, the Trojan launches a 'start' file, checks the version of Android installed and decides which library to inject its code into. The next step: overwriting the existing code with malicious code, can cause the infected device to crash.

The newly-patched system libraries execute a malicious module which can turn off the 'VerifyApps' feature. It then switches on the setting 'Unknown sources' which allows it to install apps from anywhere, not just the Google Play Store. These could be malicious or unsolicited advertising apps.

"The Dvmap Trojan marks a dangerous new development in Android malware, with the malicious code injecting itself into system libraries where it is harder to detect and remove. Users who don't have the security in place to identify and block the threat before it breaks in have a difficult time ahead. We believe that we have uncovered the malware at a very early stage. Our analysis shows that the malicious modules report their every move to the attackers and some techniques can break the infected devices. Time is of the essence if we are going to prevent a massive and dangerous attack," said Roman Unuchek, Senior Malware Analyst, Kaspersky Lab.

The Trojan, which was downloaded from Google Play more than 50,000 times since inception, has now been removed from the store.

However, Kaspersky experts believe that users must organise and back-up data from time to time. Additionally, Kaspersky also recommended users to install a reliable security solution, check that apps have been created by a reputable developer, to keep their OS and application software up-to-date, and not to download anything that looks at all suspicious or whose source cannot be verified. (ANI)

New Delhi [India], June 23 (ANI): Global mobile technology company OnePlus on Thursday launched its most awaited flagship 'OnePlus 5' in India priced at Rs. 32,999 for the 6GB RAM and 64GB storage version and Rs. 37,999 for 88GB RAM and 128GB storage version.

Full Story >>

New Delhi [India], June 23 (ANI): Social media giant Facebook has finally set up its new 'Group Insights' feature to enable proper administration of groups administrators (admins) to hold a more stringent check of the content being posted online.

Full Story >>

Online banking users to reach 150 billion by 2020: Study

Updated: Jun 22, 2017 16:35 IST     

New Delhi [India], June 22 (ANI): With the ongoing digital drive in India, the number of users opting for online banking is expected to double to reach 150 million mark by 2020, from the current 45 million active urban online banking users in India, according to a report drafted by Facebook and The Boston Consulting Group (BCG).

Full Story >>

Video-calling made easier with Google Allo's latest update

Updated: Jun 22, 2017 14:46 IST     

New Delhi [India], June 22 (ANI): With the latest update on Allo messaging app, users can now make video calls using Google Duo, without going to the app itself!

Full Story >>

Instagram Stories now has 250m users, new 'replay' feature

Updated: Jun 21, 2017 17:38 IST     

New Delhi [India], June 21 (ANI): Commemorating its achievement of registering 250 million daily users on its 'Stories' feature, social media engagement platform Instagram on Wednesday announced an update to its 'Live Video' segment.

Full Story >>

HP Inc. introduces two new convertible notebooks

Updated: Jun 21, 2017 15:22 IST     

New Delhi [India], June 21 (ANI): Aiming to instill creativity among students, professionals and millennials, HP Inc. on Wednesday introduced two new convertible notebooks - HP Pavillion x360 and HP Spectre x360, enabled with Windows Ink capabilities.

Full Story >>

New Delhi [India], June 20 (ANI): In a bid to inspire art enthusiasts around the world to brush up their art knowledge and become art experts, Google has announced the latest updates on Search and Maps driving newer ways to experience artworks online.

Full Story >>

Hike launches wallet, UPI payments for quick transactions

Updated: Jun 20, 2017 17:32 IST     

New Delhi [India], June 20 (ANI): Home-grown messaging platform Hike Messenger on Tuesday launched the feature of 'Hike Wallet' on its all-new visually unique version Hike 5.0 to send and receive money in the most easiest manner.

Full Story >>

Waterloo [Ontario], June 20 (ANI): BlackBerry Limited on Tuesday announced productivity and security enhancements to its enterprise software platform designed to power the 'Enterprise of Things'.

Full Story >>

New Delhi [India], June 20 (ANI):The crippling financial implications of online banking security incidents have been brought to light by the latest Kaspersky Lab report into cyber security threats in the financial sector.

Full Story >>

New Delhi [India], June 19 (ANI): India's leading mobility solutions provider Avis India has announced the launch of its mobile app to enable Chauffeur Drive and Self Drive rentals in India.

Full Story >>

Google marks Father's Day through special doodle

Updated: Jun 18, 2017 08:10 IST     

New Delhi [India], June 18 (ANI): Google today is celebrating Father's Day 2017 dedicating an endearing doodle to all the fathers out there.

Full Story >>

Fujifilm launches Instax mini 9 cameras with selfie mirror

Updated: Jun 15, 2017 23:47 IST     

New Delhi [India], June 15 (ANI): Fujifilm India Pvt Ltd., on Thursday announced the launch of its new iconic Instax mini 9 instant camera, built in with a selfie mirror and close-up lens.

Full Story >>

New Delhi [India], June 15 (ANI-NewsVoir): Alibaba Mobile Business Group, part of Alibaba Digital Media and Entertainment, has announced the appointment of Damon Xi as Head of UCWeb India and Indonesia office.

Full Story >>

New Delhi [India], June 15(ANI): Toreto, a leading aggregator of portable technology on Wednesday launched its water-resistant Bluetooth earphone, 'TBE-804 Blare', best suited for sports enthusiasts.

Full Story >>

Accenture envisioning gender-balanced workforce by 2025

Updated: Jun 15, 2017 00:47 IST     

New Delhi [India], June 15 (ANI): Accenture on Wednesday announced its vision to achieve a gender-balanced workforce by 2025, with 50 percent women and 50 percent men.

Full Story >>

Instagram introduces new 'archive' feature

Updated: Jun 14, 2017 19:12 IST     

New Delhi [India] June 14 (ANI): Now, you can re-visit your old posts and enjoy those passed-by moments on Instagram.

Full Story >>

New Delhi [India] June 14 (ANI): South Korean multinational Samsung on Wednesday launched its anticipated Samsung Galaxy J7 Max and Samsung Galaxy J7 Pro, expanding its best-selling mid-range of Galaxy J smart phones.

Full Story >>

New Delhi [India], June 14 (ANI): Ericsson in its Mobility Report 2017 releases today has reported key trends and forecasts on mobile traffic, subscriptions, consumer behavior and technology uptake in India.

Full Story >>

New Delhi [India] June 14 (ANI): In continuation of its commitment to digitally empower India's small and medium business community, Google on Wednesday announced the launch of a new simple, free, and fast way to build a website through Google My Business.

Full Story >>