Dvmap is The New Deadly Android Virus - See How It Works

It's unfortunate that Viruses and Malware developers will continue finding ways to bypass security on mobile devices and PC in order to harm or hold the owner at ransom. Few weeks ago, we talked about Judy which was a serious ransomware that autoclicks ads thereby generating money for the owner and Ransomware which encrypts (locks) folders on users PC and demand for some thousands of dollars as ransom in order to regain access to the files, but thanks to the developers who found a way to descript and fix it BUT now there is a new trending Virus called Dvmap that is attaching Android devices.
Android virus
Dvmap is primarily targeting mobile devices, according to Kaspersky Labs . This threat is known as Dvmap, and it is different from all the malware we know and trust Google to protect us from.

Kaspersky has been monitoring the distribution of a Trojan horse in the Play Store since April 2017. Dvmap has been able to hide from Google’s protection and verification mechanisms by regularly swapping clean code with malicious code and vice versa. Now, we know that the Bouncers, which was introduced in 2012 to keep malware from the Play Store, can be tricked easily.

How It Works


This malware, classified by Kaspersky Labs as Trojan.AndroidOS.Dvmap.a is a particularly tricky form of malware, according to experts. It tries to gain root access in four different ways, even with 64-bit compatible code. Worse, it injects malicious code into system libraries libdmv.so and libandroid_runtime.so. Subsequently, the Trojan horse triggers protection mechanisms to verify and install third-party apps. This is done by an administrator service called com.qualcmm.timeservices, which looks similar to a legitimate background service like com.qualcomm.timeservices. Note the difference between the two service names, as it is a common ruse employed by hackers and malware advertisers to trick users into trusting them.

Now, the malware could install third-party software on infected devices at a later date. The author could offer this ability to anyone interested, on the black market. Right now, a huge number of devices could be affected. But so far, only a maximum of 50,000 devices are reported to be affected.

REASON WHY IT'S TOO DANGEROUS

Theoretically, Google can delete harmful apps remotely from your device. However, since the malware manipulates system libraries, it could prevent Google from being able to do so, or report the uninstallation immediately to the malware’s author. The author could then install a different version of the malware to escape the protection mechanism again.

HOW TO FIX YOUR PHONE IF INFECTED BY DVMAP

Right now, only formatting the system partition and reinstalling the original firmware can save an affected smartphone.

HOW TO SECURE AND PREVENT YOUR PHONE FROM. BEING ATTACHED

The only way to prevent this from happening is to have the latest security patches. However, not everyone gets the updates, as manufacturers fear that if they do so they will not buy new phones. But ensure your apps are up to date. Refrain from the habit of downloading or collecting apps, music, files etc from untrusted sites, phones or PC.
via

22 comments:

  1. thanks oga wizy for Your nice update

    ReplyDelete
  2. Thanks for Your lovely update

    ReplyDelete
  3. thanks oga wizy from look you will know that this virus is a wicked type and it looks scary.i pray it won't affect my phone.

    ReplyDelete
  4. Newly malware found again , I pray it won't affect my device sha

    ReplyDelete
  5. Let's try to prevent our fone, as u said in the last paragraph

    ReplyDelete
  6. Nice update, thanks.

    Download app from third party site is not secure before, so why download from there?

    Since I heard rooted phone will not have access to play store again I don unroot my phone back to normal, since then I they even enjoy my ba3 life than when its root.

    ReplyDelete
  7. Thanks for the update but I have to point out a little mix up in the article.

    JUDY as a virus is not locking folders and demanding for ransom but rather its RANSOMEWARE that locks folders.

    JUDY is aimed at auto clicking on ads and thereby generating cash for the owner.

    Some readers had missed this point and I'm sure some don't always read between lines

    ReplyDelete
    Replies
    1. Thanks for the observation and correction. Edited!

      Delete
    2. As at the time of this comment, JUDY was still showing and link was showing a post on JUDY.

      Delete
  8. Based on what i gathered from another site relating to this same issue, so many rooted phones have already been infected by this virus.

    ReplyDelete
  9. Newly malware found again, I pray it won't affect my device sha

    ReplyDelete
  10. thanks oga wizy for ur nice update. but how does it affect Android phone.

    ReplyDelete
  11. but can I download on youtube

    ReplyDelete