
Godless Malware: Working principle behind malicious coding process revealed

The process of the Godless malware is revealed by decompiling its code. According to Trend Micro, one of the Godless malware apps is Summer Flashlight.
So, I decompiled the DEX file of the Summer Flashlight APK into Java files. The app is packed with the mobo SDK, which enables the exploit to perform the root install. The app does this through the following classes:
1. FastInstallService.java: This code makes the device install the service for the root install.
2. PMservice.java: This code enables installing the package.
3. ScreenChargeReceiver.java: Alerts the root install service when the screen is turned off.
4. C0925A.java: Alerts the service about the root status, whether success or failure.
After rooting, the service installs some unremovable packages without any system privileges.
