Zerosecurity

Triada & Horde updated and actively targeting Androids

by Paul Anderson
June 28, 2016 - Updated on June 11, 2022
in Malware, Mobile Security

Check Point analysts have identified two mobile malware versions in the wild, one of Triada and one of Horde, and advise that the most recent samples now use dangerous new techniques, including the ability to evade Google’s security on a few OS versions.

Researchers say the Android Trojan known as Triada can now infect the default Android web browser along with three other, smaller Android browsers: 360 Secure, Cheetah, and Oupeng.

Once a browser is infected, attackers can redirect URL requests. If a user visits one of a couple of specified URLs, the malware serves a spoofed website built to obtain personal financial information.

Until recently, Triada’s primary purpose was to steal funds via SMS messages for in-app purchases. Equipped with the new URL spoofing abilities, however, the Triada Android malware can now intercept any URL on infected phones and encourage a user to “enter credentials in a fraudulent page, or even download additional malware, without knowing he is visiting a malicious site,” wrote Check Point analyst Oren Koriat in a blog post.

Check Point’s research follows findings from Kaspersky Lab, which first spotted the Trojan (Backdoor.AndroidOS.Triada) and documented its ability to redirect Android browsers to malicious URLs earlier this month.

According to Kaspersky Lab, a successful Triada infection compromises the Android device by infecting Zygote, a core Android OS process, which grants attackers superuser rights. After acquiring those rights, Triada uses ordinary Linux debugging tools to embed a malicious DLL that targets one of the four listed browsers.

Check Point says the latest variant of Horde is able to monitor running processes on Android Lollipop and Marshmallow versions using a new technique to avoid detection.

“Google has invested some efforts in preventing such activity and blocked apps from calling the getRunningTasks() API. Viking Horde manages to bypass this security measure by reading the ‘/proc/’ file system, which displays running processes, from which the malware can find the current running processes,” Koriat added.
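A defender-side check for the /proc exposure Koriat describes, added here as an example and not taken from Check Point's or Google's code: it parses a `/proc/mounts` dump (for instance from `adb shell cat /proc/mounts`) and reports whether procfs is mounted with the Linux `hidepid` option, which Android 7.0 and later set to 2 so that apps cannot see other users' `/proc/<pid>` entries. The function names and the sample mount lines are constructed for illustration.

```python
"""Check a /proc/mounts dump for the procfs hidepid option (added example)."""

# hidepid values per the Linux procfs documentation; kernels 5.8+ print names.
HIDEPID_LEVELS = {"0": 0, "off": 0, "1": 1, "noaccess": 1,
                  "2": 2, "invisible": 2, "4": 4, "ptraceable": 4}

# Constructed sample dumps (not captured from real devices).
SAMPLE_EXPOSED = """\
rootfs / rootfs ro,seclabel 0 0
proc /proc proc rw,relatime 0 0
sysfs /sys sysfs rw,seclabel,relatime 0 0
"""
SAMPLE_HARDENED = "proc /proc proc rw,relatime,gid=3009,hidepid=2 0 0\n"
SAMPLE_NAMED = "proc /proc proc rw,nosuid,nodev,noexec,relatime,hidepid=invisible 0 0\n"


def parse_proc_mounts(mounts_text):
    """Return [(mount_point, hidepid_level)] for each procfs mount.

    hidepid_level is None when the option value is not recognised.
    """
    found = []
    for line in mounts_text.splitlines():
        fields = line.split()
        # Line format: device mount_point fs_type options dump pass
        if len(fields) < 4 or fields[2] != "proc":
            continue
        options = dict(opt.partition("=")[::2] for opt in fields[3].split(","))
        # A missing hidepid option means the kernel default, level 0.
        found.append((fields[1], HIDEPID_LEVELS.get(options.get("hidepid", "0"))))
    return found


def other_processes_hidden(mounts_text):
    """True only if every procfs mount hides other users' /proc/<pid> dirs."""
    mounts = parse_proc_mounts(mounts_text)
    # Level 1 still lists foreign PIDs; levels 2 and 4 hide them.
    return bool(mounts) and all(lvl is not None and lvl >= 2 for _, lvl in mounts)


if __name__ == "__main__":
    for name, dump in [("exposed", SAMPLE_EXPOSED), ("hardened", SAMPLE_HARDENED),
                       ("named", SAMPLE_NAMED)]:
        print(name, parse_proc_mounts(dump), other_processes_hidden(dump))
```

A `False` result on a Lollipop or Marshmallow device matches the exposure described in the quote: any app can list `/proc` and read other processes' entries.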

Check Point uncovered the malware in May. It was spreading via legitimate apps, including Viking Jump, which had 50,000 to 100,000 downloads before Google removed it. The app even became a “top free app” in some markets, Check Point said.

Tags: android, horde, Triada
Paul Anderson

Editor-in-chief at ZeroSecurity. Expertise includes programming, malware analysis, and penetration testing.

© 2023 ZeroSecurity, All Rights Reserved.
