| dbo:abstract
|
- Shedun adalah nama dari keluarga virus ponsel (dikenal juga dengan Kemoge, Shiftybug, dan Shuanet) yang menyasar sistem berbasis Android. Aksi Shedun terungkap pada 2015 oleh perusahaan keamanan ponsel Lookout, dan diperkirakan menginfeksi 20.000 aplikasi populer Android. Avira Protection Labs menyatakan bahwa keluarga Shedun menginfeksi 1.500-20.000 ponsel per hari. Semua varian dari keluarga Sheldun memiliki kesamaan kode sumber sekitar 80%. Aksi Shedun dimulai dengan "membungkus kembali" aplikasi Android asli (seperti Facebook, Twitter, WhatsApp, Candy Crush, Google Now, dan Snapchat) dengan ditambah adware, kemudian diedarkan melalui situs unduhan aplikasi pihak ketiga. Ketika diunduh dan dipasang oleh korbannya, aplikasi-aplikasi tersebut tetap berjalan seperti biasa, tetapi korban mengeluhkan munculnya iklan mengganggu (laba dari iklan tersebut mencapai $2 per pemasangan). Malware ini bercokol sedemikian kuat, hingga jalan satu-satunya adalah me-root ponsel korban dan memasang kembali ROM pabrik. Malware ini terdeteksi pada 26 tipe perangkat keras berbasis Android baru yang dibuat di Tiongkok, seperti ponsel pintar dan tablet. Keluarga malware ini juga diketahui memiliki kemampuan auto-root menggunakan celah keamanan seperti ExynosAbuse, Memexploit, dan Framaroot dan memasang dirinya sendiri sebagai aplikasi sistem dan membuat salinan dirinya di partisi sistem, sehingga "setel ulang ke pabrikan" tidak dapat mengatasi malware ini. Keluarga malware ini sering kali memasang aplikasi adware lain tanpa seizin korbannya, sehingga diklasifikasikan sebagai "adware agresif" karena sering memasang "aplikasi yang tak diinginkan" sekaligus membombardir ponsel korban dengan iklan. (in)
- Shedun is a family of malware software (also known as Kemoge, Shiftybug and Shuanet) targeting the Android operating system first identified in late 2015 by mobile security company , affecting roughly 20,000 popular Android applications. Lookout claimed the HummingBad malware was also a part of the Shedun family, however, these claims were refuted. Avira Protection Labs stated that Shedun family malware is detected to cause approximately 1500-2000 infections per day.All three variants of the virus are known to share roughly ~80% of the same source code. In mid 2016, arstechnica reported that approximately 10.000.000 devices would be infected by this malware and that new infections would still be surging. The malware's primary attack vector is repackaging legitimate Android applications (e.g. Facebook, Twitter, WhatsApp, Candy Crush, Google Now, Snapchat) with adware included. The app which remains functional is then released to a third party app store; once downloaded, the application generates revenue by serving ads (estimated to amount to $2 US per installation), most users cannot get rid of the virus without getting a new device, as the only other way to get rid of the malware is to root affected devices and re-flash a custom ROM. In addition, Shedun-type malware has been detected pre-installed on 26 different types of Chinese Android-based hardware such as Smartphones and Tablet computers. Shedun-family malware is known for auto-rooting the Android OS using well-known exploits like ExynosAbuse, Memexploit and Framaroot (causing a potential privilege escalation) and for serving trojanized adware and installing themselves within the system partition of the operating system, so that not even a factory reset can remove the malware from infected devices. Shedun malware is known for targeting the Android Accessibility Service, as well as for downloading and installing arbitrary applications (usually adware) without permission. It is classified as "aggressive adware" for installing potentially unwanted program applications and serving ads. As of April 2016, Shedun malware is considered by most security researchers to be next to impossible to entirely remove. Avira Security researcher Pavel Ponomariov, who specializes in Android malware detection tools, mobile threat detection, and mobile malware detection automation research, has published an in-depth analysis of this malware. The countries most infected by this virus were in Asia including China, India, Philippines, Indonesia and Turkey. (en)
|
| rdfs:comment
|
- Shedun is a family of malware software (also known as Kemoge, Shiftybug and Shuanet) targeting the Android operating system first identified in late 2015 by mobile security company , affecting roughly 20,000 popular Android applications. Lookout claimed the HummingBad malware was also a part of the Shedun family, however, these claims were refuted. Avira Protection Labs stated that Shedun family malware is detected to cause approximately 1500-2000 infections per day.All three variants of the virus are known to share roughly ~80% of the same source code. (en)
- Shedun adalah nama dari keluarga virus ponsel (dikenal juga dengan Kemoge, Shiftybug, dan Shuanet) yang menyasar sistem berbasis Android. Aksi Shedun terungkap pada 2015 oleh perusahaan keamanan ponsel Lookout, dan diperkirakan menginfeksi 20.000 aplikasi populer Android. Avira Protection Labs menyatakan bahwa keluarga Shedun menginfeksi 1.500-20.000 ponsel per hari. Semua varian dari keluarga Sheldun memiliki kesamaan kode sumber sekitar 80%. Malware ini terdeteksi pada 26 tipe perangkat keras berbasis Android baru yang dibuat di Tiongkok, seperti ponsel pintar dan tablet. (in)
|
