terlasas.blogg.se - Loki shell valmod pack

#Loki shell valmod pack update
#Loki shell valmod pack for android

In specific time periods, Android.Loki.2.origin connects to the server in order to accept instructions and send the following information: Once the information is sent to the server, the Trojan receives a configuration file necessary for its operation.

Information about installed and available RAM of the device.

However, it also acts as a spyware program as it collects and sends the following information: The second component of this pack- Android.Loki.2.origin-installs different applications on the infected device and displays advertisements.

#Loki shell valmod pack update

Update its components and download plug-ins from the server.Register any application as the Accessibility Service application.Enable and disable applications and their components.

For example, it can download any application from Google Play using a special link that indicates a user account of some affiliate program focused on generating income. Android.Loki.1.origin is a service that can perform a wide variety of functions. Android.Loki.3 incorporates it into one of system processes-thus, Android.Loki.1.origin gains the system privileges.

#Loki shell valmod pack for android

The first one is launched with the help of the liblokih.so library that Dr.Web for Android detects as Android.Loki.6. The pack consists of three associated Trojans dubbed Android.Loki.1.origin, Android.Loki.2.origin, and Android.Loki.3 respectively. Doctor Web specialists registered a whole pack of multifunctional malicious programs for Android this February. First samples had rather primitive structure, but their today’s counterparts, on the contrary, are almost equal to the fanciest Trojans for Windows. Virus makers continue to complicate architecture of malicious programs for Android.