
Android-rooting malware on Google Play Store

A new Android-rooting malware that can disable a device's security settings in order to perform malicious tasks in the background has been detected on the official Play Store.

The malware hid behind the puzzle game "colourblock," which had been downloaded at least 50,000 times prior to its removal.


"To bypass Google Play Store security checks, the malware creators used a very interesting method: they uploaded a clean app to the store at the end of March, 2017, and would then update it with a malicious version for a short period of time," the researchers said.


The Dvmap Trojan works on both 32-bit and 64-bit versions of Android. Once installed, it attempts to gain root access on the device and tries to install several modules on the system, including a few written in Chinese, along with a malicious app called "com.qualcmm.timeservices."

To make sure the malicious module gets executed with system rights, the malware overwrites the system's runtime libraries, depending on which Android version the device is running. To complete the installation of the above-mentioned malicious app, the Trojan, now running with system rights, turns off the "Verify Apps" feature and modifies a system setting to allow app installation from third-party app stores.

"Furthermore, it can grant the "com.qualcmm.timeservices" app Device Administrator rights without any interaction with the user, just by running commands. It is a very unusual way to get Device Administrator rights," the researchers said.

What to do to protect yourself?

Always keep a good antivirus app on your device, and keep it up to date, so that it can detect and block such malware before it infects the device.
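The changes described above (Verify Apps switched off, third-party installs allowed, the "com.qualcmm.timeservices" package and its Device Administrator rights) can also be checked by hand over adb. The script below is an added example, not code from the researchers or from this post. It assumes the `package_verifier_enable` and `install_non_market_apps` settings keys (the latter applies to Android versions before 8.0) and that `dumpsys device_policy` lists administrators as package/receiver components; the sample data is constructed.

```bash
#!/usr/bin/env bash
# Read-only triage for the device changes the article attributes to Dvmap.
PKG="com.qualcmm.timeservices"   # package name quoted in the article

# evaluate VERIFIER UNKNOWN_SOURCES PACKAGES POLICY
# Prints one line per finding; returns 1 if anything was found, else 0.
evaluate() {
    local verifier="$1" unknown="$2" packages="$3" policy="$4" hits=0
    # Only an explicit 0 means "Verify Apps" was switched off.
    if [ "$verifier" = "0" ]; then
        echo "FINDING: Verify Apps is disabled"; hits=1
    fi
    if [ "$unknown" = "1" ]; then
        echo "FINDING: installs from unknown sources are allowed"; hits=1
    fi
    # -x matches whole lines, so a longer package name is not a hit.
    if printf '%s\n' "$packages" | grep -qxF "package:$PKG"; then
        echo "FINDING: $PKG is installed"; hits=1
    fi
    # Assumption: dumpsys lists admins as package/receiver components.
    if printf '%s\n' "$policy" | grep -qF "$PKG/"; then
        echo "FINDING: $PKG holds Device Administrator rights"; hits=1
    fi
    return "$hits"
}

# Live collection over adb (needs USB debugging; not used by the sample).
collect_and_evaluate() {
    evaluate \
        "$(adb shell settings get global package_verifier_enable | tr -d '\r')" \
        "$(adb shell settings get secure install_non_market_apps | tr -d '\r')" \
        "$(adb shell pm list packages | tr -d '\r')" \
        "$(adb shell dumpsys device_policy | tr -d '\r')"
}

# Constructed sample of an affected device; the receiver name is made up.
sample_run() {
    evaluate 0 1 "package:com.android.settings
package:$PKG" "  Enabled Device Admins (User 0):
    $PKG/.SampleReceiver:"
}

case "${1:-}" in
    --device) collect_and_evaluate ;;
    *)        sample_run || true ;;
esac
```

Run it with `--device` to query a connected phone; with no argument it evaluates the constructed sample.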
