Shedun: Perbedaan antara revisi

Jelajahi riwayat secara interaktif

Konten dihapus Konten ditambahkan

VisualTeks wiki

Revisi per 12 Januari 2019 02.08 sunting Manguung (bicara \| kontrib) Peninjau otomatis 95 suntingan membuat halaman Tag: tanpa kategori [ * ] VisualEditor		Revisi terkini sejak 22 Agustus 2023 07.01 sunting balikkan Dinaharani (bicara \| kontrib) 2 suntingan Tidak ada ringkasan suntingan
(8 revisi perantara oleh 4 pengguna tidak ditampilkan)
Baris 1: '''Shedun''' adalah nama dari keluarga [[virus ponsel]] (dikenal juga dengan Kemoge, Shiftybug, dan Shuanet<ref>{{cite web\|url=https://hackbails.wordpress.com/2015/11/05/trojanized-adware-already-infected-more-than-20000-android-apps/\|title=Shuanet, ShiftyBug and Shedun malware could auto-root your Android – HackBails\|date=2015-11-05\|publisher=Hackbails.wordpress.com\|accessdate=2016-10-02\|author=by @HackTheW0r1d}}</ref><ref name="securityweek.com">{{cite web\|url=http://www.securityweek.com/android-adware-abuses-accessibility-service-install-apps\|title=Android Adware Abuses Accessibility Service to Install Apps\|website=SecurityWeek.com\|accessdate=2016-04-20}}</ref><ref name="~~manishsingh~~manishsingh3">{{cite web\|url=http://gadgets.ndtv.com/apps/news/new-android-adware-can-download-install-apps-without-permission-report-768664\|title=New Android Adware Can Download, Install Apps Without Permission: Report\|work=NDTV Gadgets360.com\|author=Manish Singh}}</ref>) yang menyasar sistem berbasis [[Android (sistem operasi)\|Android]]. Aksi Shedun terungkap pada 2015 oleh perusahaan keamanan ponsel Lookout, dan diperkirakan menginfeksi 20.000<ref name="appleinsider.~~com~~com2">{{cite web\|url=http://forums.appleinsider.com/discussion/189949/three-new-malware-strains-infect-20k-apps-impossible-to-wipe-only-affect-android\|title=Three new malware strains infect 20k apps, impossible to wipe, only affect Android\|work=AppleInsider Forums}}</ref> aplikasi populer Android.<ref name="~~manishsingh2~~manishsingh3"~~>{{cite web\|url=http:~~//gadgets.ndtv.com/apps/news/new-android-adware-can-download-install-apps-without-permission-report-768664\|title=New Android Adware Can Download, Install Apps Without Permission: Report\|work=NDTV Gadgets360.com\|author=Manish Singh}}</ref><ref name="dailymail.co.ukuk2">{{cite web\|url=http://www.dailymail.co.uk/sciencetech/article-3306142/Hackers-reveal-Android-malware-IMPOSSIBLE-remove-Malicious-bug-20-000-apps.html\|title=Hackers reveal Android trojan malware that is IMPOSSIBLE to remove\|date=5 November 2015\|work=Mail Online}}</ref><ref>{{cite web\|url=http://appleinsider.com/articles/15/11/05/three-new-malware-strains-infect-20k-apps-impossible-to-wipe-only-affect-android\|title=Three new malware strains infect 20k apps, impossible to wipe, only affect Android\|last=Eran\|first=Daniel\|date=2015-11-05\|publisher=Appleinsider.com\|accessdate=2016-10-02}}</ref><ref>{{cite web\|url=http://www.droidreport.com/articles/2516/20151110/android-malware-loose-shuanet-shiftybug-shedun-signatures-found-20000-apps-outside-google.htm\|title=Android Malware On The Loose: Shuanet, ShiftyBug And Shedun Signatures Found On 20,000 Apps Outside Google Play Store\|last=\|first=\|date=\|work=Droid Report\|archive-url=\|archive-date=\|dead-url=\|access-date=}}</ref><ref>{{cite web\|url=http://darkmatters.norsecorp.com/2015/11/20/shedun/\|title=Shedun Trojan goes solo\|work=Darkmatters\|access-date=2019-01-12\|archive-date=2016-04-08\|archive-url=https://web.archive.org/web/20160408145243/http://darkmatters.norsecorp.com/2015/11/20/shedun/\|dead-url=yes}}</ref><ref>{{cite web\|url=http://lavasoft.com/mylavasoft/company/blog/popular-mobile-apps-repackaged-with-trojans\|title=Popular Mobile Apps Repackaged with Trojans\|date=2015-11-04\|publisher=Lavasoft\|accessdate=2016-10-02}}</ref> Avira Protection Labs menyatakan bahwa keluarga Shedun menginfeksi 1.500-20.000 ponsel per hari.<ref name="avira.com">{{cite web\|url=http://blog.avira.com/shedun/\|title=Shedun: adware/malware family threatening your Android device\|work=Avira Blog}}</ref> Semua varian dari keluarga Sheldun memiliki kesamaan [[kode sumber]] sekitar 80%.<ref>{{cite web\|url=http://www.elektronikpraxis.vogel.de/iot/security/articles/510900/\|title=Neue Welle von Android-Malware lässt sich kaum mehr entfernen\|website=Elektronikpraxis.vogel.de\|accessdate=2016-04-20}}</ref><ref>{{cite web\|url=http://www.itseccity.de/virenwarnung/hintergrund/lookout021215.html\|title=Gemeinsamkeiten: Shuanet, Shedun & ShiftyBug\|website=Itseccity.de\|accessdate=2016-04-20\|author=PMK Presse, Messe & Kongresse Verlags GmbH}}</ref> Aksi Shedun dimulai dengan "membungkus kembali" aplikasi Android asli (seperti [[Facebook]], [[Twitter]], [[WhatsApp]], [[Candy Crush Saga\|Candy Crush]], [[Google Now]], dan [[Snapchat]]<ref>{{cite web\|url=https://blog.botfrei.de/2015/11/android-trojaner-auf-dem-vormarsch/\|title=Android-Malware: Adware war gestern. Android-Trojaner auf dem Vormarsch.\|work=botfrei Blog}}</ref>)<ref name="appleinsider.com2"~~>{{cite web\|url=http:~~//forums.appleinsider.com/discussion/189949/three-new-malware-strains-infect-20k-apps-impossible-to-wipe-only-affect-android\|title=Three new malware strains infect 20k apps, impossible to wipe, only affect Android\|work=AppleInsider Forums}}</ref><ref name="~~auto~~auto2">{{cite web\|url=https://arstechnica.com/security/2015/11/new-type-of-auto-rooting-android-adware-is-nearly-impossible-to-remove/\|title=New type of auto-rooting Android adware is nearly impossible to remove\|work=Ars Technica}}</ref><ref name="~~michaelmimoso~~michaelmimoso2">{{cite web\|url=https://threatpost.com/shuanet-adware-rooting-android-devices-via-trojanized-apps/115265/\|title=Shuanet Adware Roots Android Devices - Threatpost - The first stop for security news\|work=Threatpost - The first stop for security news\|author=Michael Mimoso}}</ref> dengan ditambah ''adware'', kemudian diedarkan melalui situs unduhan aplikasi pihak ketiga.<ref>{{cite web\|url=http://www.itespresso.de/2015/11/23/shedun-adware-nistet-sich-gegen-den-willen-der-nutzer-in-android-ein/\|title=Adware Shedun nistet sich gegen den Willen der Nutzer in Android ein\|work=ITespresso.de}}</ref> Ketika diunduh dan dipasang oleh korbannya, aplikasi-aplikasi tersebut tetap berjalan seperti biasa, tetapi korban mengeluhkan munculnya iklan mengganggu (laba dari iklan tersebut mencapai $2 per pemasangan<ref name="michaelmimoso2"~~>{{cite web\|url=https:~~//threatpost.com/shuanet-adware-rooting-android-devices-via-trojanized-apps/115265/\|title=Shuanet Adware Roots Android Devices - Threatpost - The first stop for security news\|work=Threatpost - The first stop for security news\|author=Michael Mimoso}}</ref>). Malware ini bercokol sedemikian kuat, hingga jalan satu-satunya adalah me-[[Root (Android)\|root]] ponsel korban dan memasang kembali ROM pabrik.<ref name="dailymail.co.uk2"~~>{{cite web\|url=http:~~//www.dailymail.co.uk/sciencetech/article-3306142/Hackers-reveal-Android-malware-IMPOSSIBLE-remove-Malicious-bug-20-000-apps.html\|title=Hackers reveal Android trojan malware that is IMPOSSIBLE to remove\|date=5 November 2015\|work=Mail Online}}</ref><ref>{{cite web\|url=http://en.yibada.com/articles/82763/20151108/android-trojan-software-morphs-real-apps-nearly-impossible-remove-device.htm\|title=Android Trojan Software Morphs Into Real Apps, Nearly Impossible To Remove From Device’s System: Report\|work=Yibada}}</ref><ref>{{cite web\|url=http://www.golem.de/news/android-malware-schadsoftware-rootet-und-infiziert-geraete-unwiederbringlich-1511-117307.html\|title=Android-Malware: Neue Schadsoftware rootet Geräte und ist kaum zu entfernen - Golem.de\|publisher=}}</ref> Malware ini terdeteksi pada 26 tipe<ref>{{cite web\|url=http://thehackernews.com/2015/09/android-smartphone-malware.html\|title=26 Android Phone Models Shipped with Pre-Installed Spyware\|date=3 September 2015\|work=The Hacker News\|author=Swati Khandelwal}}</ref> [[perangkat keras]] berbasis Android baru yang dibuat di [[Republik Rakyat Tiongkok\|Tiongkok]], seperti ponsel pintar dan tablet.<ref>{{cite web\|url=https://public.gdatasoftware.com/Presse/Publikationen/Malware_Reports/G_DATA_MobileMWR_Q2_2015_US.pdf\|title=G Data : Mobile Malware Report\|website=Public.gdatasoftware.com\|format=PDF\|accessdate=2016-04-20\|archive-date=2017-02-15\|archive-url=https://web.archive.org/web/20170215072736/https://public.gdatasoftware.com/Presse/Publikationen/Malware_Reports/G_DATA_MobileMWR_Q2_2015_US.pdf\|dead-url=yes}}</ref><ref>{{cite web\|url=http://news.softpedia.com/news/24-chinese-android-smartphones-models-come-with-pre-installed-malware-490930.shtml\|title=24 Chinese Android Smartphone Models Come with Pre-Installed Malware\|date=4 September 2015\|work=softpedia\|author=Catalin Cimpanu}}</ref><ref>{{cite web\|url=http://www.ibtimes.com/amazon-selling-40-android-tablets-come-pre-installed-malware-2181424\|title=Amazon Selling $40 Android Tablets That Come With Pre-Installed Malware\|work=International Business Times\|author=David Gilbert}}</ref><ref>{{cite web\|url=http://securityaffairs.co/wordpress/39821/hacking/chinese-smartphones-pre-installed-malware.html\|title=Chinese smartphones infected with pre-installed malwareSecurity Affairs\|work=Security Affairs}}</ref> <ref>{{cite web\|url=http://www.scmagazine.com/chinese-android-smartphones-now-shipping-with-pre-installed-malware/article/436655/\|title=Chinese Android smartphones now shipping with pre-installed malware\|work=SC Magazine\|access-date=2019-01-12\|archive-date=2016-05-07\|archive-url=https://web.archive.org/web/20160507000052/http://www.scmagazine.com/chinese-android-smartphones-now-shipping-with-pre-installed-malware/article/436655/\|dead-url=yes}}</ref><ref>{{cite web\|url=http://au.idigitaltimes.com/malware-found-pre-installed-xiaomi-huawei-lenovo-phones-107190\|title=Malware Found Pre-Installed on Xiaomi, Huawei, Lenovo Phones\|work=iDigitalTimes.com\|author=Diane Samson\|access-date=2019-01-12\|archive-date=2016-08-23\|archive-url=https://web.archive.org/web/20160823030514/http://au.idigitaltimes.com/malware-found-pre-installed-xiaomi-huawei-lenovo-phones-107190\|dead-url=yes}}</ref><ref>{{cite web\|url=http://www.designntrend.com/articles/64631/20151113/amazon-s-40-chinese-android-tablets-infected-pre-installed-malware.htm\|title=Amazon’s $40 Chinese Android Tablets Infected With Pre-Installed Malware\|work=Design & Trend\|access-date=2019-01-12\|archive-date=2017-02-15\|archive-url=https://web.archive.org/web/20170215072603/http://www.designntrend.com/articles/64631/20151113/amazon-s-40-chinese-android-tablets-infected-pre-installed-malware.htm\|dead-url=yes}}</ref><ref>{{cite web\|url=http://www.computerworld.com/article/2488173/security0/pre-installed-malware-found-on-new-android-phones.html\|title=Pre-installed malware found on new Android phones\|date=5 March 2014\|work=Computerworld\|author=Jeremy Kirk}}</ref><ref>{{cite web\|url=https://public.gdatasoftware.com/Presse/Publikationen/Malware_Reports/G_DATA_MobileMWR_Q2_2015_EN.pdf\|title=G Data : Mobile Malware Report\|website=Public.gdatasoftware.com\|format=PDF\|accessdate=2016-04-20\|archive-date=2016-03-10\|archive-url=https://web.archive.org/web/20160310213705/https://public.gdatasoftware.com/Presse/Publikationen/Malware_Reports/G_DATA_MobileMWR_Q2_2015_EN.pdf\|dead-url=yes}}</ref><ref>{{cite web\|url=https://www.hackread.com/amazon-safe-haven-for-android-tablets-malware/\|title=Amazon Store, a safe haven for Android Tablets with pre-installed malware\|work=HackRead\|author=Waqas}}</ref><ref>{{cite web\|url=~~http~~https://~~www.eweek~~tafsiran.com/~~security/pre~~cara-~~installed~~mengatasi-~~android~~layanan-~~malware~~google-~~raises~~play-~~security~~terus-~~risks-in-supply-chain.html~~berhenti/\|title=Pre-Installed Android Malware Raises Security Risks in Supply Chain\|~~publisher~~\|date=Juli 2022 \|bot=InternetArchiveBot \|fix-attempted=yes }}</ref><ref>{{cite web\|url=http://www.huffingtonpost.com/entry/android-malware-pre-installed_us_55e6f2e8e4b0aec9f355271f\|title=Some Android Phones Come With Malware Pre-Installed: Report\|work=The Huffington Post}}</ref><ref>{{cite web\|url=http://wccftech.com/brand-android-smartphones-coming-spyware-malware/\|title=Brand New Android Smartphones Coming with Spyware and Malware\|work=WCCFtech}}</ref><ref>{{cite web\|url=https://www.grahamcluley.com/2014/06/chinese-android-malware/\|title=Chinese Android smartphone comes with malware pre-installed\|work=Graham Cluley}}</ref><ref>{{cite web\|url=http://www.ghacks.net/2015/09/08/beware-your-android-phone-might-come-with-preloaded-spyware/\|title=Beware, your Android phone might come with preloaded spyware\|date=8 September 2015\|work=gHacks Technology News\|author=Martin Brinkmann}}</ref> Keluarga ''malware'' ini juga diketahui memiliki kemampuan auto-root <ref name="auto2"~~>{{cite web\|url=https:~~//arstechnica.com/security/2015/11/new-type-of-auto-rooting-android-adware-is-nearly-impossible-to-remove/\|title=New type of auto-rooting Android adware is nearly impossible to remove\|work=Ars Technica}}</ref><ref>{{cite web\|url=http://techreport.com/news/29281/trojan-adware-on-android-can-give-itself-root-access\|title=Trojan adware on Android can give itself root access\|work=The Tech Report}}</ref> menggunakan celah keamanan seperti ExynosAbuse, Memexploit, dan Framaroot <ref>{{cite web\|url=http://praxistipps.chip.de/shedun-shuanet-und-shiftybug-android-smartphone-vor-malware-schuetzen_44475\|title=Shedun, Shuanet und Shiftybug: Android-Smartphone vor Malware schützen\|publisher=}}</ref> dan memasang dirinya sendiri sebagai aplikasi sistem dan membuat salinan dirinya di partisi sistem, sehingga "setel ulang ke pabrikan" tidak dapat mengatasi malware ini.<ref name="theregister.co.uk">{{cite web\|url=https://www.theregister.co.uk/2015/11/20/shedun_adware/\|title=Android's accessibility service grants god-mode p0wn power\|publisher=}}</ref><ref>{{cite web\|url=https://blog.lookout.com/blog/2015/11/19/shedun-trojanized-adware/\|title=Trojanized adware family abuses accessibility service to install whatever apps it wants \| Lookout Blog\|date=2015-11-19\|website=Blog.lookout.com\|accessdate=2016-04-10\|archive-date=2016-04-23\|archive-url=https://web.archive.org/web/20160423033315/https://blog.lookout.com/blog/2015/11/19/shedun-trojanized-adware/\|dead-url=yes}}</ref> Keluarga ''malware'' ini ~~seringkali~~sering kali memasang aplikasi adware lain tanpa seizin korbannya,<ref name="manishsingh3"~~>{{cite web\|url=http:~~//gadgets.ndtv.com/apps/news/new-android-adware-can-download-install-apps-without-permission-report-768664\|title=New Android Adware Can Download, Install Apps Without Permission: Report\|work=NDTV Gadgets360.com\|author=Manish Singh}}</ref> sehingga diklasifikasikan sebagai "''adware'' agresif" karena sering memasang "aplikasi yang tak diinginkan"<ref>{{cite web\|url=http://www.areamobile.de/news/35337-trojaner-adware-installiert-selbststaendig-ungewollte-android-apps\|title=Trojaner-Adware installiert selbstständig ungewollte Android-Apps\|website=Areamobile.de\|accessdate=2016-04-20}}</ref><ref>{{cite web\|url=http://androidmag.de/news/technik-news/shedun-neue-android-adware-installiert-apps-ohne-deine-einwilligung/\|title=Shedun: Neue Android-Adware installiert Apps ohne deine Einwilligung\|work=Androidmag}}</ref><ref>{{cite web\|url=http://winfuture.de/news,89953.html\|title=Installation auch nach Ablehnung: Neue dreiste Android-Adware\|publisher=\|author=John Woll}}</ref> sekaligus membombardir ponsel korban dengan iklan.<ref>{{cite web\|url=http://en.yibada.com/articles/90437/20151201/android-shedun-malware.htm\|title=Android Shedun Malware: New Malware That Can Grant Access to Your Phone; Malware Impossible To Be Removed?\|work=Yibada}}</ref> == Catatan kaki == <references responsive="" /> [[Kategori:Virus komputer]]