New Strain of The Android.Loki Trojan Malware Family

Researchers from Doctor Web have identified a new strain of the malware family of Android.Loki Trojans that pose a serious threat to the smart devices.

Android.Loki Trojans Surface Once Again

The Android.Loki malware family of Android Trojans has grown due to a new sample discovery. Doctor Web experts have uncovered a new derivative that originates from these threats that is labeled as Android.Loki.16.origin . The virus is described as a multi-component malware which is capable of covertly downloading and installing various payloads on Android smart devices. The infection process is done through several steps of engagement. The first reports of the malware family were published in February 2016. The new strain uses a similar injection method however the new version also compromises the Android operating system libraries.

The virus is delivered by a payload downloader. Upon infection the Trojan connects to a remote C&C server and downloads additional malicious modules as well as exploits that root the hacked device. The downloaded files are stored in the application’s own folder. The virus engine then runs the exploits consequently until the virus gains root privileges.

The next step in the process is to mount the /system partition in a way which allows the process to modify the system files. Various malicious components are then extracted from the body and saves them to the binary and library locations.

As the Android.Loki Trojan has already acquired elevated permissions it can also be used to download other malware payloads as well. The security specialists speculate that the virus can also be used to install malicious ads which can also generate financial gain for the operators.

The problem that lies in the new strains is that its operation relies on manipulation of system files and important configuration variables. This means that its removal can effectively render a device non-operational. Recovery may only be possible by reflashing a factory firmware replacement which deletes all user personal files. This is why users need to have performed a backup of all of their important files and photos before engaging in such an operation. Such threats are particularly dangerous to users as they require the use of specialist security tools and careful manipulation to remove the threats.
Fortunately most anti-virus and anti-spyware vendors have already added the virus to their updated definitions sets. You can prevent such infections by running a trusted anti-spyware tool on your PC that prevents malware infections on your computer and all removable devices including connected mart devices.

You can easily remove all threats with the help of an anti-malware tool.

SpyHunter anti-malware tool will diagnose all current threats on the computer. By purchasing the full version, you will be able to remove all malware threats instantly. Additional information about SpyHunter / Help to uninstall SpyHunter

How disturbing is this problem?

Avatar

Author : Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.


Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *