Part1 从样本看Virtual App在黑产中的应用4月初，Trustlook安全研究人员在使用App Insight对国内某商店进行常规审核时，截获了一个名为“换机精灵”的样本，该应用作为一款换机工具，实则为恶意刷量木马， ...
An Updated Version (Version 3.5.10) of the Trustlook Mobile Security App Identifies the BadKernel Issue Affecting 30 Million Android Users
Trustlook has released a new feature in its Trustlook Mobile Security app that detects BadKernel, the widespread vulnerability affecting millions of Android devices.
First discovered in August 2016, BadKernel is a flaw in the Google Chromium mobile browser framework that spreads as users click on malicious links. Users of older versions of Chromium-powered mobile browsers, as well as applications with embedded Webview (such as the massively popular WeChat app) may be vulnerable. If infected, a user’s contacts and text messages could be exposed, as well as any payment passwords.
To determine if your device is vulnerable to this threat, open the Trustlook Mobile Security app, navigate to the BadKernel Vulnerability detector on the main screen, and click “Check it Now.” If you are exposed, you can update your browser software.
Since many phones are not using the most current browser software, this zero-day attack could be used widely. Trustlook encourages users to run a quick scan of their phone and update their browser if they are affected. In addition, Trustlook suggests users not click on random links or links that appear suspicious. They also stress users keep their apps and OS updated, and continually monitor their device for any potential issues.
To check if your Android device is affected by the BadKernel vulnerability, please download the Trustlook Mobile Security app.