So, how to prevent such an Android smartphone virus? CCTV reporter interviewed Lu, an engineer of Tencent Mobile Security Lab. He suggested that users should not easily open the URL link after receiving a short message from a strange URL, and should not go to unsafe electronic markets or mobile phone forums to download applications. They should go to the safe electronic market and official website to download and install professional mobile phone security software such as Tencent Mobile Manager, which can accurately kill such mobile phone viruses.
On the basis of providing security protection such as virus killing, harassment interception, software rights management and mobile phone anti-theft, mobile phone housekeeper actively meets the management needs of high-end smart phones such as user traffic monitoring, space cleaning, physical examination acceleration, software management and software moving.
Here is a detailed introduction to the housekeeper's virus antivirus:
1) Enter the housekeeper and find the column of virus killing in the security protection:
2) After entering the antivirus function, click the button below to scan the mobile phone for antivirus immediately:
If you encounter dangerous software during scanning, the mobile phone housekeeper will immediately investigate and remove it.
Load ",can remove the virus:
Chapter 2: Introduction of Trojan virus on mobile phone At present, Trojan virus programs on smart phone system have been flooded, especially Android system, which has become the main attack direction of Trojan virus because of its open source and parallel imports and brushing behavior.
The Trojan virus system of Android can be divided into the following main features:
1. Get hardware information, such as IMEI and IMSI.
2. Visit specific websites to increase traffic or call charges.
3. Steal the user's call and SMS information.
4. Steal the sensitive information input by the user's keyboard.
Among the above features, the third and fourth points are the most dangerous to mobile banking. Trojan horse can steal the user name, password and mobile phone transaction code input by customers and send them to remote servers.
1, Introduction of Trojans Stealing User Calls and SMS Information
201110, Kaspersky, an information security vendor, published an analysis article, introducing how the smart phone ZitMo(ZeuS-in-the-Mobile) Trojan steals important data from users.
Mobile phone transaction code was once considered as one of the most reliable online banking security protection measures. However, with the emergence of Zeus Trojan specifically for smart phones, especially ZeuS-in-the-Mobile or ZitMo-mTANs in mobile phones, mobile phone transaction codes have been unable to ensure that users' important data will not fall into the hands of cyber criminals. ZitMo was first detected in September, 20 10, which was specially used to steal mTAN codes in short messages sent by banks, and it is also one of the most concerned mobile phone security incidents so far.
Network security experts said, "First of all, the virus has the ability to spread across platforms, whether it is
Symbian, Windows Mobile, Blackberry and Android systems have all detected this Trojan, and its main purpose is to forward the short message of mobile phone transaction code to cyber criminals (or servers), who can then use these hacked bank accounts for illegal transactions. However, ZitMo's biggest feature is its relationship with ZeuS, a desktop trojan horse. Without the latter, ZitMo can only act as a spyware to forward short messages. And crossing `? Teamwork? Cybercriminals can successfully circumvent the mTAN security settings used to protect the security of online banking. "
The elaborate arrangement of this attack method usually includes the following steps: First, cyber criminals use the desktop version of ZeuS to steal the necessary data in order to enter the online banking account and collect the user's mobile phone number. The victim's mobile phone received a text message, requesting to upgrade the security certificate or other important software. In fact, the link in this short message points to the mobile version of Zeus. If the victim installs this software, the mobile phone will be infected. Then, cybercriminals can steal users' personal data and try to make cash transactions from the victims' accounts, but such transactions need to provide mTAN codes. The bank sends a short message with mTAN code to the user's mobile phone. ZitMo forwarded this short message with mTAN code to the mobile phone of cyber criminals. Cybercriminals use this mTAN code to complete transactions.
ZitMo-related attacks or malicious programs with similar functions will undoubtedly appear in the future, stealing mTAN codes and important confidential data. Therefore, smart phone users should keep in mind some guidelines about mobile phone security: always carefully check the prompted permission requests when installing applications; Don't root or "jailbreak" the phone; Try to avoid downloading programs from unofficial resources. If you download and install Android software from other channels, please make sure its source is regular and reliable. Don't click on the URL link in spam messages. Install reliable antivirus software in your mobile phone and keep it updated. Once a security patch appears, please install it immediately.
2. Introduction of Trojans that steal the hardware information of users' mobile phones.
ADRD Trojan (also known as Red Tou Trojan) has been implanted with more than ten kinds of legal software, and distributed and downloaded through several forums and download websites, thus achieving wide dissemination. Its main behaviors include: opening a number of system services; Send IMEI, IMSI, version and other information of the infected mobile phone to the control server every 6 hours; Receiving an instruction returned by the control server; Retrieve 30 URLs from the data server; Visit these websites in turn and get 30 search engine result links; Visit these links one by one in the background; Download one. Apk installation file to the specified directory of SD card. The mobile phone infected with this Trojan will generate a large amount of network data traffic and will be charged a traffic fee. Attackers benefit by increasing the number of visits to search links.
3. Introduce Trojan horse, and steal the user's keyboard input information.
Recently, a kernel-level spyware called Carrier IQ (CIQ for short) was exposed. The software will secretly collect users' private information, and even it will be secretly recorded every time the keyboard is pressed. Many smart phone users in China, especially parallel users, are in a panic.
It is understood that CIQ was originally an application used to monitor the usage of mobile phones. It will provide specific data to guide mobile phone users according to the usage of mobile phones, which is convenient for mobile phone manufacturers to improve product quality and service.
Level. Mobile phone manufacturers including Apple, HTC and Samsung, as well as AT & amp; T, Sprint, T-Mobile and other operators have pre-installed C IQ software on their mobile phones, which has been pre-installed in about 1.4 1 100 million mobile phones around the world. However, not long ago, it was revealed that CIQ collected users' private data, including users' location, keyboard input and programs running on mobile phones, and uploaded them to the software server. Although CIQ issued a statement saying that the collected data will not be sold to third parties, but will only be used to improve users' mobile network experience, it is still subject to a class action lawsuit by American users for allegedly violating US federal anti-laws. Apple also issued a statement saying that it has stopped supporting CIQ in most iOS 5 devices and will be completely removed in future software upgrades.