Security researchers have uncovered an extremely alarming development. Certain ads that you see within Android apps are more harmful than previously thought.
Security experts at Palo Alto Networks have uncovered new malware strains disguised within adware (malicious advertising), codenamed “Ewind”, which doesn’t just infect phones. It actually allows hackers to take control of infected Android phones remotely at an unprecedented level!
Instances of Ewind, which is suspected to have originated from Russian malware agents, are rising because hackers are downloading legit Android apps, pulling them apart and putting them back together with malicious code inserted.
These heavily disguised trojan apps are then distributed on popular third-party stores that users frequent to download free apps, according to the security researchers. Palo Alto Networks further reveals that Ewind malware is found in trojanized copies of popular apps like GTA Vice City, AVG, Minecraft, Avast! Ransomware Removal and many more, according to a report on Itimes.
After it compromises a device, Ewind can be programmed remotely by the cybercriminals to execute a whole host of commands, including accessing full SMS text messages alongside the sender’s phone number – a trick used to get past two-step verification.
“Ewind is more than simply adware,” the security team at Palo Alto Networks concludes, adding: “Ewind is, at very least, an actual Trojan – subverting genuine Android apps. The functionality to forward SMS messages to a [malicious server] hints at possible intentions beyond just delivering adware.”
The researchers further claim that, based on the firm’s analysis, the attacker or hacker behind Ewind seems to be from Russia.