![]() Money is then exchanged between the buyer and the seller using Alipay, Aliwanwang’s payment platform.Īttackers disguised as a buyers sent sellers legitimate photos injected with whitelisted Trojans. ![]() On, buyers initiate purchases by sending a picture of an item to the seller using the Aliwanwang instant messaging app. Once this phase was complete, the attackers could initiate their true malicious activity.Īttacks were staged using, a popular Chinese marketplace that’s similar to eBay but operates differently. ![]() These apps passed Qihoo’s inspection and were whitelisted, allowing the hidden malware to run on machines protected by Qihoo’s wide-spread and free anti-virus solution for mobile and PCs. A complex attack straight out of a spy novelĬyber criminals bribed employees of a Chinese gaming company into including their malware among the legitimate apps it sent to Qihoo 360. Even with well-known third-party app stores the problem of security has become more obvious than ever.Ī great example of this is Qihoo 360, a Chinese company known for its anti-virus software and mobile apps store and that unintentionally whitelisted malware as part of a complex cyberattack. The Check Point Mobile Threat Prevention team has long stressed how dangerous it can be to get apps from sources other than the Apple App Store and Google Play.
0 Comments
Leave a Reply. |