AN EXPLANATION OF THE FACTIONS  
 

[ DONATE TO RMN ] [ View Thread ] [ Archive Search Page ] [ RMN Reading Room ] [ CGI Media News Room ] [ SUBSCRIBE TO RMN ]

RMN is Reader Supported

Our Goal for
MAR 6 - APR 5:
$1,500

Powered by FundRazr

Click Widget
or Click Here to contribute.

Checks & Money Orders:

Raye Allan Smith
P.O. Box 95
Ashtabula, OH 44005


Users Online:
68

Who Founded RMNews?


Dewitt Jones' Video
"Celebrate What's Right
With The World"


"When the
Starships Fly!"

Listen at YouTube


The Theme for The Obergon Chronicles

Listen at YouTube


The Obergon Chronicles ebook


RUMOR MILL
NEWS RADIO


CGI ROOM
Common Ground
Independent Media


WHAT ARE
THE FACTIONS?


THE AMAZING
RAYELAN ALLAN


BIORHYTHMS

LOTTO PICKS

OTHER WAYS TO DONATE





RUMOR MILL NEWS AGENTS WHO'VE BEEN INTERVIEWED ON RUMOR MILL NEWS RADIO

______________

NOVEMBER 2008

Kevin Courtois - Kcbjedi
______________

Dr Robin Falkov

______________

Melinda Pillsbury Hr1

Melinda Pillsbury Hr2

______________

Daneen Peterson

______________

Daneen Peterson

______________

Disclosure Hr1

Disclosure Hr2
______________

Scribe
______________

in_PHI_nitti
______________

Jasmine Hr1
Jasmine Hr2
______________

Tom Chittum Hr1
Tom Chittum Hr2
______________

Kevin Courtois
______________

Dr Syberlux
______________

Gary Larrabee Hr1
Gary Larrabee Hr2
______________

Kevin Courtois
______________

Pravdaseeker Hr1
Pravdaseeker Hr2
______________

DECEMBER 2008

Tom Chittum
______________

Crystal River
______________

Stewart Swerdlow Hr1
Stewart Swerdlow Hr2
______________

Janet Swerdlow Hr1
Janet Swerdlow Hr2
______________

Dr. Robin Falkov Hr1
Dr. Robin Falkov Hr2
Dr. Robin Falkov Hr3

JANUARY 2009 ______________

Patriotlad
______________

Patriotlad
______________

Crystal River
______________

Patriotlad
______________

Dr. Robin Falcov
______________

Patriotlad

FEBRUARY 2009

Find UFOs, The Apocalypse, New World Order, Political Analysis,
Alternative Health, Armageddon, Conspiracies, Prophecies, Spirituality,
Home Schooling, Home Mortgages and more, in:

Rumor Mill News Reading Room, Current Archive

New Android Malware Combines Ransomware with a Banking Trojan- Oh Joy!

Posted By: RumorMail
Date: Sunday, 21-Feb-2016 02:20:59
www.rumormill.news/40642

In Response To: Your Home Security System May Be Utterly Useless Against Hackers (RumorMail)

Why are we not demanding better and safer phones and a Google 'play store' that is not FULL of malware, Trojans and more?

According to security researchers from Palo Alto Networks, Xbot seems to be a second-generation threat evolved from the Aulrin Android trojan, spotted first in 2014.

While Aulrin was coded in Lua and the .NET framework, this time around, Xbot's developer wrote the malware's code relying more on JavaScript (through Mozilla's Rhino framework).

Until now, security researchers claim to have seen 22 different Android apps that came infected with the Xbot malware, all of which are distributed from the developer's own servers, and not through Google Play. Palo Alto is claiming that Xbot seems to be in a testing phase, and not actively spread through more active distribution channels.

Xbot - the banking trojan

In its most recent version, Xbot's banking trojan component only targets seven banks, six of which are well-known Australian banks. But don't let this fool you. Researchers say that based on the domains used to distribute the malware, and code comments in earlier versions, Xbot's author seems to be of Russian origin.

Xbot's banking trojan component is also not that intrusive, relying on simple Web injection packages, which appear to be interchangeable, meaning it could target any country if the developer wished to.

Besides stealing credentials for banking portals, Xbot also pays a lot of attention to getting the user's credit card details via a phishing page made to look like the Google Play payment page.

This phishing page is triggered via an activity hijacking technique, which is ineffective on devices running Android 5.0 and higher.

Xbot - the ransomware

As most malware these days, Xbot will talk to a C&C (command and control) server. Once the C&C server manages to get all the banking details it wants, it can instruct Xbot to lock and/or encrypt the user's files.

The ransomware component is quite complex, and Xbot will not only go after the phone's internal storage, but it will also lock external SD cards as well.

Fortunately, the encryption algorithm is extremely weak, and most users will be able to decrypt their files with the help of a cryptography expert. The encryption algorithm is XOR on each byte in all files by a fixed integer number (50).

For the ransomware component to work perfectly, the app infested with Xbot will need to require admin privileges when the user installs it. These privileges are used to lock the user's screen, encrypt files and power the banking trojan's phishing abilities, so users should avoid giving admin rights to side-loaded applications.

http://news.softpedia.com/news/new-android-malware-combines-ransomware-with-a-banking-trojan-500629.shtml



RMN is an RA production.

Articles In This Thread

Your Home Security System May Be Utterly Useless Against Hackers
RumorMail -- Sunday, 21-Feb-2016 02:19:41
New Android Malware Combines Ransomware with a Banking Trojan- Oh Joy!
RumorMail -- Sunday, 21-Feb-2016 02:20:59
Privacy Advocates And ISPs Spar Over Targeted Ads
RumorMail -- Sunday, 21-Feb-2016 02:22:08
Hackers are using malware and phishing scams to steal Netflix users' passwords, bank details
RumorMail -- Sunday, 21-Feb-2016 02:23:17
Hackers can attack you even when you're not online: Stealing 'offline' data in seconds using a mobile phone!
RumorMail -- Sunday, 21-Feb-2016 02:26:43

The only pay your RMN moderators receive
comes from ads.
If you're using an ad blocker, please consider putting RMN in
your ad blocker's whitelist.


Serving Truth and Freedom
Worldwide since 1996
 
Politically Incorrect News
Stranger than Fiction
Usually True!


Powered
by FundRazr
Click Widget
or Click Here to contribute.


Organic Sulfur 4 Health

^


AGENTS WEBPAGES

Provided free to RMN Agents

Organic Sulfur 4 Health

^


AGENTS WEBPAGES

Provided free to RMN Agents



[ DONATE TO RMN ] [ View Thread ] [ Archive Search Page ] [ RMN Reading Room ] [ CGI Media News Room ] [ SUBSCRIBE TO RMN ]

Rumor Mill News Reading Room, Current Archive is maintained by Forum Admin with WebBBS 5.12.

If you can't find what you're looking
for using our RMN search, try the DuckDuckGo search below:


AN EXPLANATION OF THE FACTIONS