Other issues in this category (22)
Tuesday, February 28, 2017
When we buy an anti-virus, we rely upon it completely and have no doubts that it will remove malicious files from the system. That’s not always the case, but in those instances users count on the developer's support service to help them out.
And what would you say if the representatives of a company—a manufacturer of security products—offered you the chance to feel like a hacker?
Fortinet experts who discovered a new banking Trojan for Android said that in order to remove it, users must first deprive its rights by executing a specified sequence of actions (Settings → Security → Application administrators → Deactivate) and then remove the Trojan using the ADB utility (Android Debug Bridge).
Deactivate) and then remove the Trojan using the ADB utility (Android Debug Bridge).
Android.BankBot.140.origin really checks whether the Dr.Web anti-virus is installed, but ... after the Trojan detects it on a device, it terminates its activity and removes itself from the system!#Android #mobile #Trojan #anti-virus_scanning
The Anti-virus Times recommends
Fortinet's experts are absolutely right (although this is not mentioned in the news item) that anti-virus protection must be resident. Due to the way the Android OS is organized, by default the anti-virus does not have permission to remove programs from system areas. As a result, a malicious program launched before the anti-virus scanner is launched (if the user is relying only upon it) will be able to prevent it from running.