Android.Slicer effective only on devices running Android 4.3.
Dr. Web, a Russian security firm researcher has discovered a hidden Android Trojan called Android.Slicer inside a phone memory cleaning and boosting application. A flashing signal for all Android users, using free phone optimization apps are now proving to be more costly.
Such applications ask for user’s permission on installation and on each update, which us users very blindly confirm. The application is capable of controlling the host device’s Wi-Fi, Bluetooth and by accessing the quick shortcuts on the device’s home screen or pull down menu.
How is Android.Slicer trojan harmful?
The core purpose of this Trojan is to deliver adware to the all infected devices.
The Android.Slicer, is capable of self installing and purchasing applications hosted on Google Play store and creating customizing shortcuts on the infected device’s homescreen.
The trojan can end up on a user’s device by either some malware or by some other application that the user has installed himself. Android.Slicer is capable of collecting the host device’s sensitive information like the IMEI number, device owner’s information, Mac Address, the OS information and device manufacturer details and sending it to it’s C&C server.
The C&C server then interacts with the active Trojan on the said device and somewhat controls the device’s operations such as displaying ads, exposing it to other malicious content, open some page in the user’s web browser or a designated application’s page or even install it.
It has been found that Android 4.3 users, the Android.Slicer will download a rootkit called Android.Rootkit.40 that will give the Trojan, heightened access of the device’s OS
The Trojan uses it’s advanced powers to gain tapping access to buttons on homepage and press buttons on playstore like install, buy or continue. This can harm users personally and financially.
However there is some silver lining, Google has found a way to prevent all devices from the rootkit using Android 4.4 or higher versions.
The post Android Trojan called android.slicer – Can buy and install apps without user’s permission appeared first on The Next Rex.