The page may not load correctly.
An analysis of the technologies used by cybercriminals allows us to draw conclusions about the virus industry’s possible vectors of development and more effectively confront future threats. You, too, can learn what actions various malicious programs take in infected systems and how to withstand them.
Adware.StrawAd virus records are used to detect Android programs that have the StrawAd unwanted adware platform (an SDK, or Software Development Kit) built into them. Moreover, they detect the individual components of this platform. StrawAd’s main component is Adware.StrawAd.1.origin, which is encrypted and stored among the resource files (in the /assets directory) of the host apps.
When launched, such programs decrypt and run the Adware.StrawAd.1.origin module. In turn, it registers the broadcast receivers (BroadcastReceiver) that track when the device screen is turned on (the USER_PRESENT event). It also starts a special service so that the host application remains running in the background. As a result, when the screen is unlocked, Adware.StrawAd.1.origin can display ads from a variety of advertising service providers, including BigoAd, AppLovin, MBridge, Anythink, and TopOn.
According to statistics, every fifth program for Android contains a vulnerability (or, in other words, a "loophole") that lets cybercriminals successfully introduce Trojans onto mobile devices and manipulate them into doing whatever actions they need them to.
Dr.Web Security Auditor for Android diagnoses and analyses a mobile device’s security and offers solutions to address security problems and vulnerabilities.
