Russian company’s experts “Kaspersky Lab” reported the discovery of a Trojan for Android called Triada, which complexity is significantly superior to all other similar malicious programs.
A distinctive feature of the Triada is the ability to implement its code of all installed device applications, and change the logic of their work. In addition, the virus conceals traces of its presence on the infected system.
“Assistant” Triada is a master process Zygote, in fact “heart” Android runtime that is responsible for the system start. Penetrating in Zygote, Trojan application becomes part of it. Experts note that this is the first time that the malware is embedded in Zygote
In addition, Triada has a modular structure -. The main program, has gotten to a mobile device for malicious request downloads and installs the modules that have the right to them functions . Modules are stored in the system folders, but it is hidden from the list of packages installed and running services
. <-! incut b-read-more_width -> <-! noindex ->
<-! /> noindex ->
currently, the virus used to steal money, not only for users, but also for application developers. For this Triada captures, modifies, and filters the payment SMS-messages. For example, he can do so, that at the time of purchase in-game money sent by the user, do not go to the creator of the game, and the attackers.
How much the device has been hit a new Trojan application, is still unknown.