Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.

Trainings

We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert level we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

Android Trojan Alert! This Trojan is Stealing Your Money and Personal Details!

 

 

A Tordow named Android Malware has been discovered by security researchers of Kaspersky Lab. It is a banking Trojan because it is capable to identify the running programs of a financial application. This Tordow Trojan could get root level privileges of an infected android device to perform critical attacks. According to Security researchers of Kaspersky, Attackers are controlling this Trojan through Command and Control servers to steal victim’s sensitive information.

 

Why it is a Dangerous Trojan?

After installing this Trojan in an android device, hackers can install special scripts and malicious programs in it. Hackers can steal money from victim’s bank accounts, which he/she is controlling from an android device. Hackers can remotely steal and delete private SMS of victim. If they want to send new texts, they can do this also. Hackers can also block, redirect and record the incoming and outgoing calls of infected device. Hackers are installing hard coded scripts through Tordow Trojan to get access of banking applications and they are transferring money to unknown bitcoin accounts through command and control servers. Hackers are also installing adwares into existing applications of infected device to get more clickbait revenue.

 

From Where Tordow Trojan Comes?

According to security researchers of Kaspersky, hackers are spreading this Trojan through modified versions of famous android applications. Pokemon Go, Odnoklassniki, Telegram, VKontakte, Subway Surf and DrugVokrug are some of application, which are available on third party stores with a hidden Tordow Trojan. Therefore, always install applications from a legitimate play store and check reviews of application before installing it. For a normal user, it is very difficult to identify that the application is fake because it works like original ones. From the backend, it silently make contact with command and control servers to download the main modules of Tordow Trojan.

 

What Hackers Want?

 

  • To gain the Root Privileges of device.
  • To steal personal SMS from victim’s device.
  • To record the calls of victim’s device.
  • To steal the money from victim’s bank accounts.
  • Installing Adwares and other malicious applications to get higher clickbait revenue.
  • To get full remote control of an android device.

 

Also read: Be Alert! GozNym Trojan is Back Once Again to Target Banks and Financial Services!

 

The story is not yet finished. Hackers could also hijack browser database of an infected device, through this Tordow Trojan. This is possible in case of Chrome Browser and any default browser of the device. Hackers could steal browser history, cookies, session id’s, saved user name and password and moreover credit or debit card details. Because this Trojan could get root privileges, hackers can control almost every file of the device.

 

Leave a Reply

Name
Email id
Contact No
Comment

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.