Tordow is an older piece of malware that was first detected by Kaspersky Lab security researchers in September of this year. In its initial form it was banking malware that performed some advanced actions to help the attackers gain root access to a device. It also installed remote code packets on compromised devices, written by the attackers to take full control of the device. According to a recent report from security firm COMODO, the malware can now also act as ransomware. Its authors have updated it to the latest version, Tordow v2.0, adding more advanced features.
About Previous Version of Tordow Malware
The initial version of the Tordow malware was capable of performing the following actions, and thousands of Android users were initially targeted by the hackers:
About Tordow v2.0
Security researchers at US-based security firm COMODO found that Tordow 2.0 retains all the previous features and adds new ones that allow the malware to behave like ransomware.
Tordow 2.0 uses the AES algorithm to encrypt and decrypt files on compromised Android devices. The Trojan uses the hard-coded key ‘MIIxxxxCgAwIB’ to encrypt files. According to COMODO, some advanced s has been added by the authors into its source code to check whether the Trojan has gained root access or not. There are nine ways to check this.
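A defender-side triage sketch for the hard-coded key described above, as an added example that is not code from COMODO, Kaspersky Lab or this post: it scans an app's raw bytes for base64 string constants carrying the `MII` prefix that the quoted key shows, and checks whether each one decodes to a length-consistent DER structure. It assumes the key is stored as a plain string constant; the function names and the sample data are constructed for illustration.

```python
import base64
import re

# "MII" is how base64 renders the DER bytes 0x30 0x82 (SEQUENCE, two-byte length),
# the usual start of an encoded key or certificate stored as a string constant.
CANDIDATE = re.compile(rb"MII[A-Za-z0-9+/]{13,}={0,2}")


def find_embedded_der(data: bytes):
    """Return (offset, decoded_length, complete) for each base64 DER candidate in data."""
    hits = []
    for match in CANDIDATE.finditer(data):
        text = match.group()
        text += b"=" * (-len(text) % 4)  # tolerate padding that was stripped
        try:
            raw = base64.b64decode(text, validate=True)
        except ValueError:
            continue  # not valid base64 after all
        # DER header: tag, 0x82, then a big-endian 16-bit content length.
        declared = 4 + int.from_bytes(raw[2:4], "big")
        hits.append((match.start(), len(raw), declared == len(raw)))
    return hits


def build_sample() -> bytes:
    """Constructed stand-in for an app's string table; contains no real key."""
    body = bytes(range(256)) + bytes(44)          # 300 filler bytes
    der = b"\x30\x82" + len(body).to_bytes(2, "big") + body
    key_const = base64.b64encode(der)             # begins with b"MIIB"
    decoy = b"MIIaaaaaaaaaaaaaaaaa"               # right prefix, wrong length
    return b"\x00Lcom/example/App;\x00" + key_const + b"\x00" + decoy + b"\x00"


if __name__ == "__main__":
    for offset, size, complete in find_embedded_der(build_sample()):
        status = "complete DER structure" if complete else "length mismatch, likely noise"
        print(f"offset {offset}: {size} decoded bytes, {status}")
```

A hit marked complete is a string worth pulling out for manual review; the length check is what separates it from ordinary text that merely starts with the same three letters.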
How Hackers Are Controlling This Malware?
The hackers control this malware through command and control servers. They receive all the stolen information through these servers and instruct the malware from the backend to perform particular actions by sending remote code.
Some Applications, Which are Spreading This Malware
I strongly recommend that you install all applications from the official app store for Android. All the third-party app stores are the home of malware. Hackers are spreading this malware through the following applications, which are available on third-party app stores:
Any application available on a third-party app store will work like a legitimate application. In reality, the app is a backdoor created by hackers to gain entry to your device. Through this backdoor, hackers will exploit the vulnerabilities of your device using encrypted malicious code.
© 2016 Copyrights. All Rights Reserved