The Latest in IT Security

Dvmap: the first Android malware with code injection

08
Jun
2017
Dvmap: the first Android malware with code injection

android-199225_960_720

In April 2017 we started observing new rooting malware being distributed through the Google Play Store. Unlike other rooting malware, this Trojan not only installs its modules into the system, it also injects malicious code into the system runtime libraries. Kaspersky Lab products detect it as Trojan.AndroidOS.Dvmap.a.

The distribution of rooting malware through Google Play is not a new thing. For example, the Ztorg Trojan has been uploaded to Google Play almost 100 times since September 2016. But Dvmap is very special rooting malware. It uses a variety of new techniques, but the most interesting thing is that it injects malicious code into the system libraries – libdmv.so or libandroid_runtime.so.

Read More

Leave a reply


Categories

FRIDAY, SEPTEMBER 22, 2017

Featured

Archives

Latest Comments

Social Networks