Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.

Trainings

We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert level we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

Scammers are sending Porn Links for Spreading “Android Marcher Trojan”!

 

According to Security Researchers of Zscaler, scammers are sending porn themed links to Android users for spreading “Marcher Trojan”. Scammers are sending these type of links through emails and SMS to users. When users click on it, a window occur with an update of Adobe Flash Player. This update is Marcher Trojan in actual.

Scammers are very smart. They know that there is need of Adobe Flash Player plug-ins in Android devices to play a video clip. Users takes that Adobe Flash Update as legitimate one, but he didn’t know that he is downloading a Trojan. Security researchers of Zscaler said that scammers are running this campaign by sending 50 different types of links to the users.

 

How Marcher Trojan works?

This Trojan has been designed by the scammers to steal the financial information of the users through a phishing page. Scammers have designed a payment page, which look likes the legitimate payment page of “Google Play Store”. When user is interested to buy any application or products, this phishing page occurs and user fills the details of his credit card. This Trojan is also capable to steal the financial information with the help of already installed official bank apps. In that case, when user opens the official application of any bank, this Trojan superimpose a fake login page. This fake login page looks like original login page. When victim will insert his financial information, scammers will monitor that information with the help of Command and Control servers (C&C Servers).This Trojan is smart enough to hide itself behind the program files of Android Devices.

Deepen Desai is Head of Security Research at Zscaler and he told that, this fake phishing page looks like original payment webpage. This page occurs with a warning,” You will not be charged unless you make a purchase”. It is enough to Trick a normal user for stealing his financial information.

 

You may also read: Security Tips for Andorid Phone users!

Researchers also said, “In many cases we have seen that this Trojan is asking the users to download “X-Video” application. This video application is rated as a safe application from Android team of Google. Scammers are using this trick to convince the users that they are filling their credit card information at right place.

 

How to avoid this Trojan?

According to researchers and security experts, always installed the applications from trusted application stores such as “Google Play Store”. All the third party application stores are full of malwares. Users can also avoid this Trojan by making a little change in their android device.

Settings> Security> Install apps from Unknown Sources> Disable

javed basha I got the information i will spred this to my friends and family members

Mar 16, 2016

Ljsingh Howdy naresh . Lookout for network connections that your device is making when idle . Be smart enough to point out malicious IP connection .

Mar 16, 2016

Naresh i have amazon app store and good e reader android app store is it safe or not ?

Mar 15, 2016

Leave a Reply

Name
Email id
Contact No
Comment

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.