반응형
AbstractEmu 라고 명명된 악성코드가 발견되었다
총 19개의 앱에서 이 악성코드가 포함된것으로 알려졌다
| App title | Package name | SHA-1 | |||
| All Passwords | com.mobilesoft.security.password | 311e4c2b1d4b90664c56d8caa0d32035dde68cc6 | |||
| All Passwords | com.mobilesoft.security.password | 8716359ca3b4b7ed707e94b280e6e1e4c106035a | |||
| All Passwords | com.mobilesoft.security.password | 0dddea2fc5d4d9e819d3f45b2673347a927e7cef | |||
| All Passwords | com.mobilesoft.security.password | 60b9655d98d9dd697184e9b7d4026ef9ebc0bf05 | |||
| All Passwords | com.mobilesoft.security.password | b3320a3b34fea23f7d402dc451667fb66214fb9f | |||
| Anti-ads Browser | com.zooitlab.antiadsbrowser | 7e4c93c228d63f175b8b7232ab826b97dfbbd6b5 | |||
| Anti-ads Browser | com.zooitlab.antiadsbrowser | 7e263ba23e997ce5f4420f1e7de87305dc5eca6d | |||
| Anti-ads Browser | com.zooitlab.antiadsbrowser | 84bef7fba1562df4aefcd552fd2b53b47c544427 | |||
| Anti-ads Browser | com.zooitlab.antiadsbrowser | 844e1de8d50cce29285d7a661141f8d93368702b | |||
| Anti-ads Browser | com.zooitlab.antiadsbrowser | 935c7ee3dd5a0927352fde3cb91a2f1bf69719e3 | |||
| Anti-ads Browser | com.zooitlab.antiadsbrowser | 9caee5c9078cbcdcc2f5dcceb3cc60f8f57b94db | |||
| Data Saver | com.smarttool.backup.smscontacts | 78820fdf4d81ecd2ac869be50211446257e17b66 | |||
| Lite Launcher | com.st.launcher.lite | 663f9102ce0e7b6d041efc9010a3afa70d8c1aaa | |||
| Lite Launcher | com.st.launcher.lite | 99b7edc2af4e1c8dae3ee6f505ee771218e638fc | |||
| Lite Launcher | com.st.launcher.lite | 96a207e41bdaac5fd5e74298a357f33fe343d93d | |||
| Lite Launcher | com.st.launcher.lite | c7d5b2cac0c9f65d40a7f8ed3f12b891fe21c5ed | |||
| Lite Launcher | com.st.launcher.lite | 0afa18ff39419db788d0d6290f490e66513cf139 | |||
| Lite Launcher | com.st.launcher.lite | d9eae350eb07f7f43e69f3c6c6dddc5d952e9de8 | |||
| Lite Launcher | com.st.launcher.lite | 2e074fa0c6de7092181c7b9284aa92c8c732d32a | |||
| Lite Launcher | com.st.launcher.lite | 72b127983d70f79e366a2a1bc0b2d95af9e58d3f | |||
| Lite Launcher | com.st.launcher.lite | 3e3eb8d0dfc57374e689fa7d24a0490be0aab3d1 | |||
| My Phone | com.dentonix.myphone | 43a910c44909583f0c0d690f3a24cba302e03432 | |||
| Night Light | com.nightlight.app | 8108bcda08173ff6ee82a7b1ea1cd781364493d8 | |||
| Night Light | com.nightlight.app | 50c98698c1af133a49eb7b2482246519913051ba | |||
| Night Light | com.nightlight.app | 44f705ac7f360671ba80232420dac81299c00394 | |||
| Night Light | com.nightlight.app | e8e0905f98782027800e6ead9c0c6130d8822dac | |||
| Phone Plus | com.phoneplusapp | 0ec2af45649b49a1bb807ae11d1db4b551a93d82 | |||
위 앱들은 이미 구글 플레이 스토어에서 내려갔지만 혹시라도 이미 설치되어 있지 않은지 확인이 필요
https://blog.lookout.com/lookout-discovers-global-rooting-malware-campaign
Rooting Malware Makes a Comeback: Lookout Discovers Global Campaign
Security researchers at the Lookout Threat Labs have identified a new rooting malware distributed on Google Play and prominent third-party stores such as the Amazon Appstore and the Samsung Galaxy Store.
blog.lookout.com
반응형
'보안' 카테고리의 다른 글
| 로그프레소 log4j 취약점(CVE-2021-44228) 스캐너 배포 (0) | 2021.12.12 |
|---|---|
| 윈도 무작위폴더 생성 버그 (0) | 2021.11.21 |
| google chrome 긴급업데이트 95.0.4638.69 (0) | 2021.10.29 |
| 해킹 케이블을 이용한 해킹 (0) | 2021.10.16 |
| allblock 광고차단 확장프로그램 몰래 광고삽입 (0) | 2021.10.16 |