Virus posing as 'The Interview' movie link hits cyberspace
After triggering a cyber world conflict between the US and North Korea, a potent virus masquerading under the pseudonym of Hollywood movie 'The Interview' has been seen prowling in the Indian cyberspace to attack and damage Android-based smart phones.
New Delhi: After triggering a cyber world conflict between the US and North Korea, a potent virus masquerading under the pseudonym of Hollywood movie 'The Interview' has been seen prowling in the Indian cyberspace to attack and damage Android-based smart phones.
Cyber security sleuths have detected the activity of this 'Trojan' category virus in the domestic Internet circuit which falsely leads a user to download the much talked about international film leading to compromising of secret private information of a genuine smart phone user.
"Once installed (the virus), the application will display an icon using imagery from the poster of the movie 'The Interview'. When the Trojan is being installed, it requests permissions to perform either open network connections, write to external storage devices or install application packages.
"When the app (application) is installed, it claims to allow users to watch the movie 'The Interview' for free but instead installs a two-stage banking Trojan onto infected devices," the Computer Emergency Response Team of India (CERT-In) said in its latest advisors.
The CERT-In is the nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian Internet domain.
While a 'Trojan' virus, under cyber protocols, is the most deadly variety of an online malware as it cleverly cheats a user into downloading spam into his system, the movie 'The Interview' featured a fictional plot to assassinate North Korean leader Kim Jong-un and was produced by Sony pictures under the banner of its Hollywood films unit.
The film was scheduled for a Christmas release last year but Sony became the target of the biggest cyberattack in US corporate history just before this, as a result of which it cancelled the film's theatrical release and it was eventually screened in select arthouse cinemas and released on the Internet and via cable TV providers.
The United States of America (USA) had directly accused Pyongyang for orchestrating this cyber attack on Sony Pictures, a claim denied by North Korea even as it strongly condemned the movie and its content.
"The name of the movie is being used to perpetrate a virus activity in the Indian systems as it is known worldwide that the much talked-about film is accessible on the Internet. The attackers are using this vulnerability to con Android phone and system users," a cyber security official said.
The deadly virus, also called 'Badaccents', is a premium service banking Trojan that arrives bundled with legitimate Android applications and infects smart phones featuring this operating system.
"The Trojan is created by modifying the legitimate application and then re-distributing via marketplace or other separate channels," the cyber security agency said.
It also tricks the user to respond to a popup with a message to lure the user into launching the downloaded application packages saying: "Google play needs to be updated", which at times, is malicious in content.
The agency also suggested some counter-measures to stop the illegal activity of such viruses.
"Do not download and install applications from untrusted sources, install applications downloaded from reputed application market only, run a full system scan on device with mobile security or anti-virus solution and check for the permissions required by an application before installing.
"Also, exercise caution while visiting trusted/untrusted sites for clicking links, install and maintain updated mobile security/anti-virus solutions, users are advised to keep an eye on data usage and unusual increase in mobile bills, avoid using unsecured, unknown Wi-Fi networks and make a practise of taking regular backup of Android device," the advisory suggested.