Over the last few months, we've been telling you more about the threats that appear frequently against Android and that can harm millions of devices around the world. However, and as we have recalled on other occasions, in most cases, the attacks are intercepted in time by both developers and users and the thousands of harmful elements to which the public is exposed on a daily basis, do not remain in more than a setback. With the arrival of Nougat, several major security enhancements have been released to the green robot software. On the other hand, we are also witnessing a new generation of biometric markers such as iris scanners.
The banking trojans and those aimed at stealing personal information are the fastest evolving. For this reason, it is necessary that all the players in the sector are involved in a rapid improvement of the operating systems, but also of the terminals themselves in order to further minimize the impact of this type of malware. After a quiet summer in which no very harmful virus has appeared, today we tell you more about the new threats directed at Android that have appeared in recent days and we help you prevent these risks.
1.gugi
We start with a Trojan that is already known to Mountain View and that is characterized by a very fast update capacity. This malware, whose main objective is Android Marshmallow, is capable, at first glance, of acquiring superuser permissions and access the basic information of the terminal and the operating system. In addition, it has the ability to modify all these parameters in order to turn the device into a zombie if it does not manage to pass all the controls. However, its new version is more dangerous, since we would be facing a banking trojan that, through Google Play, could access our financial apps and steal the credentials necessary to carry out operations.
How to prevent it?
Although most of the reported cases come from Russia, one of the most dangerous aspects of Gugi is the fact that it is able to circumvent Marshmallow's security enhancements, therefore, the best way to avoid being attacked is to count, as usual, with additional protection from the most downloaded antivirus and managers of the application catalogs, since they have the endorsement of developers. If we already have any of them, it is also advisable to follow the following tips: Control permissions that we grant to the applications we download if possible and not enter websites that are not certified and refer us to dubious links.
2. Guerilla
We conclude with the malware that is causing the most problems due to its operation: Guerrilla download and install without control all kinds of applications from the catalogs. How do you get it? In the latest versions of Android we find a series of filters aimed at stopping fraudulent advertising. Guerrilla, manages to overcome these barriers and is dedicated to automatically search for apps camouflaged under an official tool present on Google Play and that even has user ratings from all over the world.
Who is affected?
Although at first glance, this malware may target millions of devices, the truth is that its impact is reduced if we take into account that it is only capable of installing apps on terminals that they have been rooted since it is through these devices where the necessary credentials for automatic download are obtained, such as the user name or the passwords established later. However, its room for maneuver does not end here, since on the other hand, it contains elements of ransomware that obtains personal data and sensitive information about the owners of infected tablets and smartphones and whose developers demand the payment of a ransom.
As you have seen, Android it is still the primary target of hackers around the world, either through elements already known for a long time, which have been perfected, or through new ones that show the evolution that viruses are following to become more discreet but with a greater capacity for action. The fragmentation of this platform and the existence of a multitude of layers of personalization based on it can be one of the Achilles heels of the most used software in the world.
After learning more about Gugi and GuerrillaDo you think that once again, the task of protecting the terminals should be carried out by the manufacturers and that they should focus more efforts and resources on protecting users? Do you think that with prudent handling, the malware that we have presented to you today will not have a major impact? You have more related information available, such as a list of the malware that has given the most talk this summer so that you know yourself what it is, how it works and also how to prevent it.