The page may not load correctly.
An analysis of the technologies used by cybercriminals allows us to draw conclusions about the virus industry’s possible vectors of development and more effectively confront future threats. You, too, can learn what actions various malicious programs take in infected systems and how to withstand them.
Program.CloudInject virus records are used to detect Android applications that have been modified using the CloudInject cloud service. The apps are modified on a remote server. Using the eponymous utility (detected as Tool.CloudInject by Dr.Web), which has been installed on an Android device, modders (users) upload pre-prepared APK files of the target software or copies of previously installed apps. Then, on the server side, obfuscated code is injected into the target software. Meanwhile the modder cannot control what exactly will be built into the app.
When programs are being modified, a number of dangerous system permissions, the list of which is constantly changing, are added to them. Once the process is complete, users are able to remotely manage modified apps. For instance, they can block them, display custom dialogs (notifications and dialog boxes), use them to track the installation and removal of other software, etc.
According to statistics, every fifth program for Android contains a vulnerability (or, in other words, a "loophole") that lets cybercriminals successfully introduce Trojans onto mobile devices and manipulate them into doing whatever actions they need them to.
Dr.Web Security Auditor for Android diagnoses and analyses a mobile device’s security and offers solutions to address security problems and vulnerabilities.
