- News
- Technology News
- Tech News
- This new malware on Android can bypass security to steal data
Trending
This new malware on Android can bypass security to steal data
Snowblind manipulates seccomp to hide within apps, posing a dangerous threat that requires vigilance and robust security measures for protection.
Note: This image is AI-generated
A new Android malware called Snowblind has emerged and it's using a clever trick to bypass security. Named Snowblind, this malware exploits a feature meant to protect users – a security check called "seccomp" – to hide its tampering with legitimate apps.
Snowblind "repackages" these apps, making them blind to the fact that Snowblind is now piggybacking on them.
How this malware can be dangerous
According to a report by BleepingComputer, researchers at mobile security company Promon have discovered this malware strain called Snowblind targeting Android devices. This malware leverages tactics to bypass existing security measures.
The malware injects malicious code into the targeted app before its security checks can run. This allows Snowblind to install a filter within seccomp, essentially manipulating the system calls the app can make.
When the app tries to verify if it's been tampered with (a security check), Snowblind's filter intercepts this action and blocks it. This prevents the app from detecting Snowblind's presence.
Snowblind further manipulates the system by altering the app's attempts to access files. It redirects these attempts to an uninfected version of the app, effectively hiding its tampering from the security check.
What this means for users
Snowblind's use of a security feature makes it a particularly dangerous threat. The targeted nature of its attack also minimises its impact on device performance, further reducing the chances of users noticing anything unusual. This underlines the importance of staying vigilant and relying on reputable security solutions to protect your mobile devices.
Snowblind "repackages" these apps, making them blind to the fact that Snowblind is now piggybacking on them.
This allows the malware to misuse accessibility services, which are meant to assist users, but in this case, are hijacked to steal login information or even remotely control the device for malicious purposes.
How this malware can be dangerous
According to a report by BleepingComputer, researchers at mobile security company Promon have discovered this malware strain called Snowblind targeting Android devices. This malware leverages tactics to bypass existing security measures.
Snowblind specifically targets apps that handle sensitive user information. The malware exploits a security feature called "seccomp" that's designed to protect users. Seccomp restricts the actions apps can take, preventing malicious activities.
The malware injects malicious code into the targeted app before its security checks can run. This allows Snowblind to install a filter within seccomp, essentially manipulating the system calls the app can make.
When the app tries to verify if it's been tampered with (a security check), Snowblind's filter intercepts this action and blocks it. This prevents the app from detecting Snowblind's presence.
Snowblind further manipulates the system by altering the app's attempts to access files. It redirects these attempts to an uninfected version of the app, effectively hiding its tampering from the security check.
What this means for users
Snowblind's use of a security feature makes it a particularly dangerous threat. The targeted nature of its attack also minimises its impact on device performance, further reducing the chances of users noticing anything unusual. This underlines the importance of staying vigilant and relying on reputable security solutions to protect your mobile devices.
About the Author
TOI Tech DeskEnd of Article
FOLLOW US ON SOCIAL MEDIA
Hot Picks
TOP TRENDING
Trending Stories
In Section
Entire Website
- Shri Jagannath Puri Rath Yatra 2024 live streaming: When will yatra start, where to watch online, and other information
- Infosys executive vice president Hemant Lamba resigns, here's what he told CEO Salil Parekh in resignation letter
- Starbucks founder Howard Schultz: Steve Jobs asked me to fire my entire leadership team and 'He was right'
- 5 tips to secure your WhatsApp account
- How scammers are using WhatsApp, Facebook, X and Telegram for investment scams in India
- Google updates Weather app with this Apple Weather-like feature: Here’s what has changed
- How to use picture-in-picture with Google Meet: A step-by-step guide
- 5 things WhatsApp wants you to remember while using the app
- Will GTA 6 include a cryptocurrency mission, internet speculates
- Watch: Anand Mahindra shares video of new tech that uses infrared light to detect veins
- PM Modi's 2-day Russia visit to begin today: What's on his agenda
- Hathras stampede: Crowd was poisoned, alleges Baba's lawyer
- How a bleeding Satpal killed a highly-decorated Pak army captain during Kargil War
- As China flexes muscles in SCS, India to host Quad drill
- Amritpal disagrees with his mother on Khalistan sympathies
- 'No MHA action initiated against Kolkata DC on governor's complaint'
- Can Sensex touch 100,000 points and can you benefit from the rise?
- Govt makes ‘big’ clarification on Airtel, Jio, other's mobile tariff hike
- NPS vs PPF Calculator: NPS better than PPF to become a crorepati?
- Second term for Labour MP who played cricket in alleys of Kanpur
Popular Categories
Hot on the Web
Top Trends
Trending Topics
Jagannath Rath Yatra WishesIslamic New Year WishesNatasa StankovicBigg Boss OTT 3 ContestantsGangajalDeepika Padukone Baby Astro predictionAmbani Family GarbaAmbani House AntiliaKeir StarmerTMKOC Star Cast FeesFunniest ImagesMen ExercisesSunita Williams Education QualificationJackie ShroffGujarati Mameru CeremonyIsha AmbaniBest Smart Tv Under 15000Bharti Airtel Data BreachBajaj Cng BikeIndian Cricket Team Welcome Ceremony
Living and entertainment
Latest News
EU regulator has a ‘warning’ for Nvidia: “We have been…”How scammers are using WhatsApp, Facebook, X and Telegram for investment scams in IndiaGemini, Daily Horoscope Today, July 8, 2024: Take decisive actionsThere is a need not to die but live for the country: Amit ShahCM Punk Reacted to the Retirement Announcement of John CenaWhy Kamala Harris is not speaking about BidenUnion minister Chirag Paswan meets Bihar CM Nitish KumarHome design trends with influence of nature as inspirationsWhy tweets against minister’s wife cost TMC’s Saket Gokhale Rs 50 lakhPM Modi's 2-day Russia visit to begin tomorrow: Check what's on agendaJharkhand cabinet likely to be expanded after trust vote on MondayAir India welcomes its first narrow body aircraft with its new liveryLicence mandatory to set up stalls on private land in Maharashtra's Lonavla'Unluckiest bear in the world': Albino grizzly bear mistaken for a polar bear sent to the Arctic 5 times!6 UP kids drown in 2 separate cases, 4 others & woman savedSubhash Ghai recalls memories with Dilip Kumar on his third death anniversary: 'I stayed with him for 20 years and that changed my whole life' - ExclusiveAnant Ambani-Radhika Merchant’s sangeet: Kareena Kapoor Khan REACTS to Shloka Mehta’s 'Bole Chudiyan' lookWhat Indian startups can learn from Twitter clone Koo's failure
Copyright © 2024 Bennett, Coleman & Co. Ltd. All rights reserved. For reprint rights: Times Syndication Service