
Summer says goodbye to Android with a new virus called Tordow

September 22, 2016


As we have seen throughout 2016, approximately 2 viruses with a higher impact rate arrive each month with Android as their main target. Before discussing them in more depth, we always remind you that in most cases they are harmless and are intercepted in time without causing further damage, especially if an effective antivirus is in place. However, others manage to circumvent security controls, and more information about them is needed to keep them from causing havoc among the millions of tablets and smartphones running the green robot software.

A few weeks ago we talked about Guerrilla, a piece of malware that followed in the wake of others created this year and that focused on stealing bank data and sensitive information for fraudulent purposes. We are now seeing more sophisticated malware, characterized by a great capacity for evolution and focused on the financial sector. Today it is the turn of Tordow: below we explain what it is, what its most striking features are and, above all, how to prevent it on the more than 1.3 billion devices running the Mountain View platform.


What is it?

Tordow is a trojan that, in this case, is not dedicated to stealing users' banking information. Instead, it accesses the content stored on the devices, which it turns into zombies, and then demands payment for its recovery. Although a higher incidence of this virus is being recorded now, portals such as ADSLZone report that it first appeared in February. One of its most striking aspects, and one that has raised alarms at specialized companies, is its links with the deep web, which we describe in more detail below.

How does it attack?

Its infection method is the most widespread one today: application catalogs. We must clarify, however, that no Tordow attacks have yet been reported on Google Play; they have taken place in secondary app markets that mostly contain plagiarized applications and have few security measures. Once the trojan is on the device, it collects the brand, model and operating system version so that it can adapt to them and root the device.


Second step: control of the device

Once it has acquired superuser permissions on Android, the virus can obtain contact lists, make calls without permission and even automatically purchase paid products from the applications you download. It also modifies browsers and app catalogs so that users cannot download an antivirus. We mentioned earlier that it is related to the deep web: another of its most dangerous aspects is that it can sell all the stolen information to groups present on the deep web and impersonate the victim.

What can be its impact?

We said earlier that Tordow has not yet had an impact on the catalogs offered by Google. However, it may spread further because it is disguised as copies of today's most popular games and applications, such as Pokémon Go, as ADSLZone reports. It also downloads all kinds of files, which in many cases may contain even more harmful elements. The browser installed as standard on Android, and Chrome, can also serve as backdoors if the devices are infected.


How to prevent it?

Catalogs of applications of unknown origin are the ones that contain Tordow. The first effective protection measure is therefore to download apps only from the markets installed as standard on tablets and smartphones; in this case, the best option is Google Play. Additional measures that we have mentioned before and that also help minimize the risk are installing an antivirus that is endorsed by developers and has an up-to-date database and, of course, using common sense and browsing only trusted websites. Another recommendation to keep in mind is not to save passwords or sensitive information on the devices.
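As an added example (not part of the original article), the following Python sketch audits which store installed each third-party app, using the output of `adb shell pm list packages -i -3`. The trusted-installer set and the sample package names are assumptions made for illustration; an unknown installer is a reason to review an app, not proof that it is malicious.

```python
import re

# Installer package names treated as trusted. com.android.vending is Google
# Play; extend the set with the store shipped on the device (assumption: the
# trusted set is chosen by whoever runs the audit).
TRUSTED_INSTALLERS = {"com.android.vending"}

# One line of `adb shell pm list packages -i -3` output.
LINE_RE = re.compile(r"^package:(?P<pkg>\S+)\s+installer=(?P<installer>\S+)$")


def parse_installers(listing):
    """Return {package: installer or None} from `pm list packages -i` text."""
    result = {}
    for raw in listing.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # skip blank lines and unrelated adb messages
        installer = m.group("installer")
        # Apps installed from an APK file report the literal string "null".
        result[m.group("pkg")] = None if installer == "null" else installer
    return result


def untrusted_packages(listing, trusted=TRUSTED_INSTALLERS):
    """List (package, installer) pairs not installed by a trusted store."""
    return sorted(
        (pkg, inst or "sideloaded")
        for pkg, inst in parse_installers(listing).items()
        if inst not in trusted
    )


# Constructed sample output; package names are invented for illustration.
SAMPLE = """\
package:com.example.maps  installer=com.android.vending
package:com.example.pokemongo.copy  installer=null
package:com.example.game  installer=com.example.thirdpartystore
package:com.example.notes  installer=com.android.vending
"""

if __name__ == "__main__":
    for pkg, inst in untrusted_packages(SAMPLE):
        print(f"review: {pkg} (installer: {inst})")
```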

Android is currently the favorite target of hackers around the world. However, as we often point out, there is nothing to fear if we use our devices consciously and give them effective protection. Meanwhile, operating systems and the devices themselves are seeing improvements such as the incorporation of biometric markers. Do you think Tordow can have a higher impact rate over time? Or do you think that, as often happens in other cases, its incidence will end up being almost residual? More information is available about other viruses that have appeared against the green robot software this month, so you can learn more about all the harmful elements that can affect your devices.