Adware or Malware? If Gunpoder family managed to stay so long in the water line is maintaining this confusion and this kind of mixture. As explained by the company Palo Alto, this family of malicious programs designed Android smartphone users and most antivirus tools detect it as just Adware. But according to Palo Alto, malware from the Gunpoder strain also have many typical features of malware and could harm the user: collection of personal data, but also dissemination and propagation via SMS, as well as the ability to download and implement new modules to be grafted new features.
The first broadcasts this malware vectors are, unsurprisingly, the third-party application stores, including the conditions and quality checks are far less advanced than the Google Play Store. Based on open source Nesoid emulator, which emulates the Nintendo console on Android devices, Gunpoder says his business model is based on advertising and offers the user to download Airpush, an advertising program is responsible for collecting the personal data of the user. According to Palo Alto, these data are not only used for targeted advertising, but also to set up targeted attacks or phishing. Finally, the application provides the user to subscribe to a paid subscription, which will allow it if the authorization is given to recover the banking information of the target.
The malware is broadcast via third-party application stores and Palo Alto claims to have found traces of infections in addition to several different countries, including France. The application has all the features of Benin adware, but its ability to implement new modules and its ability to evade traditional security locks implemented on Android encourages caution. Normal safety measures Suffice it to remember: be confined to the Google Play Store to download applications and do not install an application whose provenance is questionable.