New iDroid mobile trojan said to impact iOS and Android devices

Share this article:
Smartphones at risk of malicious code injection through HTML5-based apps
A new mobile trojan could possibly attack devices running either iOS or Android.

A new piece of mobile malware being offered up on Russian underground forums might be capable of attacking devices running either iOS or Android operating systems.

Researchers with Israel-based cyber intelligence company SenseCy recently discovered the trojan – named, perhaps appropriately, iDroid – being sold for about $800, according to a Monday post, which explains buyers must leave contact details with the seller in order to obtain the malware.

While noteworthy for impacting Android versions 2.2 and up, and iOS versions 7.1 and below, iDroid has many other capabilities, including keylogging, credit card and email grabbing, SMS sending and interception, conversation and screenshot recording, and stealing data from mobile wallets, such as QIWI.

Responders on the forums have been fairly skeptical of the malware, particularly because of how tough it is to infect iOS, but perhaps more because of how challenging it is to code a trojan that can impact two entirely different operating systems.

But it may not be impossible.

“There has been cross-platform malware in the past; however, it was usually a name for several components that were specific to the operating system and were loosely combined, or was using languages [such as] Java,” Assaf Keren, CTO of SenseCy, told SCMagazine.com on Monday.

Keren said that he cannot comment on whether iDroid actually does any of what it claims because technical analysis of the trojan has yet to be concluded, but after seeing a video that details much of the malware's offerings, he said it is likely that iDroid does at least some of what it asserts.

“The seller is very reputable in the underground – that makes it less likely to be a scam,” Keren said. “In these areas, if you're caught scamming and lying, you'll probably be kicked out and your revenue stream will stop.”

Version 0.8 of iDroid, said to be in the works, would add a utility for writing Zeus-like injections into banking and payment system applications, as well as enable automatic injections into 56 banking applications and automatic delivery of the trojan via Bluetooth, according to the post.

[An earlier version of this story reversed the iOS and Android versions that were impacted].
Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in News

Sign up to our newsletters

More in News

LEADS Act addresses gov't procedure for requesting data stored abroad

LEADS Act addresses gov't procedure for requesting data ...

Senators introduced the legislation last week as a means of amending the Electronic Communications Privacy Act (ECPA).

Report: Intrustion prevention systems made a comeback in 2013

Report: Intrustion prevention systems made a comeback in ...

A new report indicates that intrusion prevention systems grew 4.2 percent in 2013, with growth predicted to continue.

Mobile device security sacrificed for productivity, study says

Mobile device security sacrificed for productivity, study says

A Ponemon Institute study, sponsored by Raytheon, revealed that employees increasingly use mobile devices for work but cut corners and circumvent security.