
With the rapid development of portable computing technology, smartphones and tablets have matured to offer sophisticated performance at a low cost. The Android platform has been at the forefront of this mobile shift and has gained tremendous popularity over the past four years. But that popularity has also drawn the attention of major malware developers to the platform.

Android offers an open market model, in contrast to Apple’s closed Apple Store model, where each app is hand-tested by security experts. This makes Android a better target for malicious developers. The presence of many third-party app stores also contributes to the proliferation of malicious applications on the Android platform.

Smartphones have become an integral part of modern life. It is hard to find a single person who does not use a cell phone, and mobile technology has turned these devices into palm-sized computers, with manufacturers incorporating the latest hardware and technology to better serve their customers. Due to various weaknesses, cell phones are a prime target of attackers.

The Online Ethical Hacking training will provide you with in-depth knowledge of the hacking techniques and methods used by hackers and enable you to protect yourself. Mobile applications are where an organization can be most vulnerable. We will teach you how to exploit and log into applications to detect application performance errors on various smartphones. STEPS provides the best Ethical Hacking Course in Cochin, serving needs from beginner level to expert level.

Classification of Android malware based on behavior

Information Extraction

Applications can easily read user contacts, browsing history, the device IMEI and similar data via API calls if they hold the corresponding permissions. Many malware families abuse this capability. Marketing companies will purchase data on consumer preferences to better target their products. This information may also end up in the hands of cybercriminals. An example of this type of malware is DroidDreamLight.


An Android botnet is a network of compromised Android smartphones controlled by a botmaster through a command-and-control (C&C) network. The prevalence of Android botnets is skyrocketing. Traditional botnets communicate with a C&C server using the IRC (Internet Relay Chat) protocol or using P2P (Peer-to-Peer) overlays. Popular botnet malware such as Geinimi, Pjapps, DroidDream and RootSmart exhibits this traditional behavior.

Premium Rate Calls and SMS

The cost of a premium-rate call or SMS is charged to the sender’s phone bill. Many malware families use these premium services to generate revenue for the attacker or to cause financial losses for the user. The Fakeplayer malware sends an SMS message “798657” to multiple premium-rate numbers.

Root Exploits

Root exploits are used by both advanced users and malware authors. Users use them to customize their devices, while malware uses them to bypass security measures. The top three exploits are Exploid, RageAgainstTheCage (RATC) and Zimperlich. These are used to give malware elevated privileges. DroidDream, Zhash, DroidKungFu, and Basebridge reportedly use these root exploits.

DroidKungFu contains both the RATC and Exploid root exploits in encrypted form. When DroidKungFu runs, it first decrypts the exploits and launches them. If successful, the malware gains root access and may access or modify resources on the device.

Search Engine Optimization

Search engine ranking is influenced by the number of users who click through to a website. A website will appear higher on the results page when more people search for a specific term and select its link. SEO malware mimics this behavior on an infected device by searching for the term and generating deceptive clicks on a targeted website. The malware HongTouTou boosts Baidu search rankings for Chinese websites.

Dynamically Downloaded Code

Any Android app can download content containing executable code and run it. Therefore, an app that appears legitimate can download a malicious payload at runtime without being detected by anti-malware software. This practice is one of the biggest open problems in Android security. This category of malware sometimes uses drive-by downloads disguised as plugins, extensions, or updates to trick a user into downloading a payload.
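
The information-extraction, premium-rate and dynamically-downloaded-code classes above can be triaged statically from an app's decoded manifest and the API references in its disassembled code. The following is an added example, not part of the original post; the rule set, function names and the constructed sample manifest and smali lines are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
# Assumed heuristic: report a category only when every permission group has a
# match AND at least one related API reference appears in the disassembled code.
RULES = {
    "information_extraction": {
        "perms": [{"android.permission.READ_CONTACTS",
                   "android.permission.READ_PHONE_STATE",
                   "com.android.browser.permission.READ_HISTORY_BOOKMARKS"},
                  {"android.permission.INTERNET"}],  # data must be able to leave
        "apis": ["TelephonyManager;->getDeviceId", "ContactsContract"],
    },
    "premium_rate_sms_or_call": {
        "perms": [{"android.permission.SEND_SMS", "android.permission.CALL_PHONE"}],
        "apis": ["SmsManager;->sendTextMessage", "android.intent.action.CALL"],
    },
    "dynamically_downloaded_code": {
        "perms": [{"android.permission.INTERNET"}],
        "apis": ["Ldalvik/system/DexClassLoader;", "Ljava/lang/System;->load"],
    },
}

def requested_permissions(manifest_xml):
    """Return the <uses-permission> names from a decoded AndroidManifest.xml."""
    # The manifest comes from an untrusted APK: prefer a hardened parser such
    # as defusedxml when handling real samples.
    root = ET.fromstring(manifest_xml)
    return {el.get(ANDROID_NS + "name") for el in root.iter("uses-permission")} - {None}

def triage(manifest_xml, code_lines):
    """Map an app to the behavior classes above: {category: [evidence, ...]}."""
    perms = requested_permissions(manifest_xml)
    findings = {}
    for category, rule in RULES.items():
        perm_hits = [sorted(group & perms) for group in rule["perms"]]
        api_hits = sorted({api for api in rule["apis"]
                           for line in code_lines if api in line})
        if all(perm_hits) and api_hits:  # an empty group means a missing capability
            findings[category] = [p for hit in perm_hits for p in hit] + api_hits
    return findings

# Constructed sample input (method signature abbreviated), not from a real APK.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
</manifest>"""
SAMPLE_SMALI = [
    "invoke-virtual/range {v0 .. v5}, Landroid/telephony/SmsManager;->sendTextMessage(...)V",
    "invoke-virtual {v1}, Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;"]
```

On the sample, only the premium-rate class is reported: the IMEI read is not counted as information extraction because the app requests no network permission.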

