Shedun: Perbedaan antara revisi
Konten dihapus Konten ditambahkan
Fitur saranan suntingan: 2 pranala ditambahkan. |
Dinaharani (bicara | kontrib) Tidak ada ringkasan suntingan |
||
(2 revisi perantara oleh satu pengguna lainnya tidak ditampilkan) | |||
Baris 5:
Aksi Shedun dimulai dengan "membungkus kembali" aplikasi Android asli (seperti [[Facebook]], [[Twitter]], [[WhatsApp]], [[Candy Crush Saga|Candy Crush]], [[Google Now]], dan [[Snapchat]]<ref>{{cite web|url=https://blog.botfrei.de/2015/11/android-trojaner-auf-dem-vormarsch/|title=Android-Malware: Adware war gestern. Android-Trojaner auf dem Vormarsch.|work=botfrei Blog}}</ref>)<ref name="appleinsider.com2"/><ref name="auto2">{{cite web|url=https://arstechnica.com/security/2015/11/new-type-of-auto-rooting-android-adware-is-nearly-impossible-to-remove/|title=New type of auto-rooting Android adware is nearly impossible to remove|work=Ars Technica}}</ref><ref name="michaelmimoso2">{{cite web|url=https://threatpost.com/shuanet-adware-rooting-android-devices-via-trojanized-apps/115265/|title=Shuanet Adware Roots Android Devices - Threatpost - The first stop for security news|work=Threatpost - The first stop for security news|author=Michael Mimoso}}</ref> dengan ditambah ''adware'', kemudian diedarkan melalui situs unduhan aplikasi pihak ketiga.<ref>{{cite web|url=http://www.itespresso.de/2015/11/23/shedun-adware-nistet-sich-gegen-den-willen-der-nutzer-in-android-ein/|title=Adware Shedun nistet sich gegen den Willen der Nutzer in Android ein|work=ITespresso.de}}</ref> Ketika diunduh dan dipasang oleh korbannya, aplikasi-aplikasi tersebut tetap berjalan seperti biasa, tetapi korban mengeluhkan munculnya iklan mengganggu (laba dari iklan tersebut mencapai $2 per pemasangan<ref name="michaelmimoso2"/>). Malware ini bercokol sedemikian kuat, hingga jalan satu-satunya adalah me-[[Root (Android)|root]] ponsel korban dan memasang kembali ROM pabrik.<ref name="dailymail.co.uk2"/><ref>{{cite web|url=http://en.yibada.com/articles/82763/20151108/android-trojan-software-morphs-real-apps-nearly-impossible-remove-device.htm|title=Android Trojan Software Morphs Into Real Apps, Nearly Impossible To Remove From Device’s System: Report|work=Yibada}}</ref><ref>{{cite web|url=http://www.golem.de/news/android-malware-schadsoftware-rootet-und-infiziert-geraete-unwiederbringlich-1511-117307.html|title=Android-Malware: Neue Schadsoftware rootet Geräte und ist kaum zu entfernen - Golem.de|publisher=}}</ref>
Malware ini terdeteksi pada 26 tipe<ref>{{cite web|url=http://thehackernews.com/2015/09/android-smartphone-malware.html|title=26 Android Phone Models Shipped with Pre-Installed Spyware|date=3 September 2015|work=The Hacker News|author=Swati Khandelwal}}</ref> [[perangkat keras]] berbasis Android baru yang dibuat di [[Republik Rakyat Tiongkok|Tiongkok]], seperti ponsel pintar dan tablet.<ref>{{cite web|url=https://public.gdatasoftware.com/Presse/Publikationen/Malware_Reports/G_DATA_MobileMWR_Q2_2015_US.pdf|title=G Data : Mobile Malware Report|website=Public.gdatasoftware.com|format=PDF|accessdate=2016-04-20|archive-date=2017-02-15|archive-url=https://web.archive.org/web/20170215072736/https://public.gdatasoftware.com/Presse/Publikationen/Malware_Reports/G_DATA_MobileMWR_Q2_2015_US.pdf|dead-url=yes}}</ref><ref>{{cite web|url=http://news.softpedia.com/news/24-chinese-android-smartphones-models-come-with-pre-installed-malware-490930.shtml|title=24 Chinese Android Smartphone Models Come with Pre-Installed Malware|date=4 September 2015|work=softpedia|author=Catalin Cimpanu}}</ref><ref>{{cite web|url=http://www.ibtimes.com/amazon-selling-40-android-tablets-come-pre-installed-malware-2181424|title=Amazon Selling $40 Android Tablets That Come With Pre-Installed Malware|work=International Business Times|author=David Gilbert}}</ref><ref>{{cite web|url=http://securityaffairs.co/wordpress/39821/hacking/chinese-smartphones-pre-installed-malware.html|title=Chinese smartphones infected with pre-installed malwareSecurity Affairs|work=Security Affairs}}</ref><ref>{{cite web|url=http://www.scmagazine.com/chinese-android-smartphones-now-shipping-with-pre-installed-malware/article/436655/|title=Chinese Android smartphones now shipping with pre-installed malware|work=SC Magazine|access-date=2019-01-12|archive-date=2016-05-07|archive-url=https://web.archive.org/web/20160507000052/http://www.scmagazine.com/chinese-android-smartphones-now-shipping-with-pre-installed-malware/article/436655/|dead-url=yes}}</ref><ref>{{cite web|url=http://au.idigitaltimes.com/malware-found-pre-installed-xiaomi-huawei-lenovo-phones-107190|title=Malware Found Pre-Installed on Xiaomi, Huawei, Lenovo Phones|work=iDigitalTimes.com|author=Diane Samson|access-date=2019-01-12|archive-date=2016-08-23|archive-url=https://web.archive.org/web/20160823030514/http://au.idigitaltimes.com/malware-found-pre-installed-xiaomi-huawei-lenovo-phones-107190|dead-url=yes}}</ref><ref>{{cite web|url=http://www.designntrend.com/articles/64631/20151113/amazon-s-40-chinese-android-tablets-infected-pre-installed-malware.htm|title=Amazon’s $40 Chinese Android Tablets Infected With Pre-Installed Malware|work=Design & Trend|access-date=2019-01-12|archive-date=2017-02-15|archive-url=https://web.archive.org/web/20170215072603/http://www.designntrend.com/articles/64631/20151113/amazon-s-40-chinese-android-tablets-infected-pre-installed-malware.htm|dead-url=yes}}</ref><ref>{{cite web|url=http://www.computerworld.com/article/2488173/security0/pre-installed-malware-found-on-new-android-phones.html|title=Pre-installed malware found on new Android phones|date=5 March 2014|work=Computerworld|author=Jeremy Kirk}}</ref><ref>{{cite web|url=https://public.gdatasoftware.com/Presse/Publikationen/Malware_Reports/G_DATA_MobileMWR_Q2_2015_EN.pdf|title=G Data : Mobile Malware Report|website=Public.gdatasoftware.com|format=PDF|accessdate=2016-04-20|archive-date=2016-03-10|archive-url=https://web.archive.org/web/20160310213705/https://public.gdatasoftware.com/Presse/Publikationen/Malware_Reports/G_DATA_MobileMWR_Q2_2015_EN.pdf|dead-url=yes}}</ref><ref>{{cite web|url=https://www.hackread.com/amazon-safe-haven-for-android-tablets-malware/|title=Amazon Store, a safe haven for Android Tablets with pre-installed malware|work=HackRead|author=Waqas}}</ref><ref>{{cite web|url=
Keluarga ''malware'' ini juga diketahui memiliki kemampuan auto-root <ref name="auto2"/><ref>{{cite web|url=http://techreport.com/news/29281/trojan-adware-on-android-can-give-itself-root-access|title=Trojan adware on Android can give itself root access|work=The Tech Report}}</ref> menggunakan celah keamanan seperti ExynosAbuse, Memexploit, dan Framaroot <ref>{{cite web|url=http://praxistipps.chip.de/shedun-shuanet-und-shiftybug-android-smartphone-vor-malware-schuetzen_44475|title=Shedun, Shuanet und Shiftybug: Android-Smartphone vor Malware schützen|publisher=}}</ref> dan memasang dirinya sendiri sebagai aplikasi sistem dan membuat salinan dirinya di partisi sistem, sehingga "setel ulang ke pabrikan" tidak dapat mengatasi malware ini.<ref name="theregister.co.uk">{{cite web|url=https://www.theregister.co.uk/2015/11/20/shedun_adware/|title=Android's accessibility service grants god-mode p0wn power|publisher=}}</ref><ref>{{cite web|url=https://blog.lookout.com/blog/2015/11/19/shedun-trojanized-adware/|title=Trojanized adware family abuses accessibility service to install whatever apps it wants | Lookout Blog|date=2015-11-19|website=Blog.lookout.com|accessdate=2016-04-10|archive-date=2016-04-23|archive-url=https://web.archive.org/web/20160423033315/https://blog.lookout.com/blog/2015/11/19/shedun-trojanized-adware/|dead-url=yes}}</ref>
Keluarga ''malware'' ini sering kali memasang aplikasi adware lain tanpa seizin korbannya,<ref name="manishsingh3"/> sehingga diklasifikasikan sebagai "''adware'' agresif" karena sering memasang "aplikasi yang tak diinginkan"<ref>{{cite web|url=http://www.areamobile.de/news/35337-trojaner-adware-installiert-selbststaendig-ungewollte-android-apps|title=Trojaner-Adware installiert selbstständig ungewollte Android-Apps|website=Areamobile.de|accessdate=2016-04-20}}</ref><ref>{{cite web|url=http://androidmag.de/news/technik-news/shedun-neue-android-adware-installiert-apps-ohne-deine-einwilligung/|title=Shedun: Neue Android-Adware installiert Apps ohne deine Einwilligung|work=Androidmag}}</ref><ref>{{cite web|url=http://winfuture.de/news,89953.html|title=Installation auch nach Ablehnung: Neue dreiste Android-Adware|publisher=|author=John Woll}}</ref> sekaligus membombardir ponsel korban dengan iklan.<ref>{{cite web|url=http://en.yibada.com/articles/90437/20151201/android-shedun-malware.htm|title=Android Shedun Malware: New Malware That Can Grant Access to Your Phone; Malware Impossible To Be Removed?|work=Yibada}}</ref>
|