Viking Horde ready to invade

  • Capable of DDoS attacks, spam messages
  • Affects both rooted and unrooted devices
Viking Horde ready to invade 
 

The Check Point research team has uncovered a new Android malware campaign on Google Play that  it calls Viking Horde. Viking Horde conducts ad fraud, but can also be used for other attack purposes such as DDoS attacks, spam messages, and more.
 
On at least five instances, Viking Horde managed to bypass Google Play malware scans. On all devices, rooted or not, Viking Horde creates a botnet that uses proxied IP addresses to disguise ad clicks, generating revenue for the attacker.
 
A botnet is a group of devices controlled by hackers without the knowledge of their owners. The bots are used for various reasons based on the distributed computing capabilities of all the devices. The larger the botnet, the greater its capabilities.
 
On rooted devices, Viking Horde delivers additional malware payloads that can execute any code remotely, potentially compromising the security of data on the device. It also takes advantage of root access privileges to make itself difficult or even impossible to remove manually.
 
The most widely-downloaded instance of Viking Horde is the app Viking Jump, which was uploaded to Google Play on April 15th and has between 50,000-100,000 downloads. In some local markets, Viking Jump is a Google Play top free app.
 
Even if the device is not rooted, Viking Horde can turn it into a proxy capable of sending and receiving information per the attacker’s commands.
 
Related Stories
 
VirLock, the first shapeshifting ransomware
 
The massive email hack ... or was it?
 
Sony hack not an anomaly: CyberArk on what’s expected in 2015

For more technology news and the latest updates, follow us on TwitterLinkedIn or Like us on Facebook.
 

 
Keyword(s) :
 
Author Name :
 
Download Digerati50 2020-2021 PDF

Digerati50 2020-2021

Get and download a digital copy of Digerati50 2020-2021