Posts | Comments

Planet Arduino

Archive for the ‘Trojan’ Category

If you are an Android user and a big fan of Super Mario beware: there is no Android version! There has been no official news on the Android version yet, let alone a version of the game. There is, however, a version circulating outside of Google Play market that will steal your bank account.

Right now attackers are taking advantage of the game’s popularity and Android users despair to spread malware posing as an Android version of Super Mario Run as they did in the past for Pokemon GO. The trojan is called Android Marcher and has been around since 2013, mostly targeting mobile users financial information. After installation, the application attempts to trick users with fake finance apps and a credit card page in an effort to capture banking details. The malware also locks out Google Play until the user supplies their credit card information.

In this new variant of Marcher, it can monitor the device and steal login data of regular apps, not just banking and payment apps, and send the stolen data back to command and control (C&C) servers. Facebook, WhatsApp, Skype, Gmail, the Google Play store are all vulnerable. Criminals can exploit these stolen accounts to carry out additional fraud.

Zscaler researchers advice is:

To avoid becoming a victim of such malware, it is a good practice to download apps only from trusted app stores such as Google Play. This practice can be enforced by unchecking the “Unknown Sources” option under the “Security” settings of your device.

We may add to turn on “App Verification”. Verify Apps regularly checks activity on your device and prevents or warns you about potential harm. Verify Apps is on by default, as is Unknown Sources turned off. Verify Apps also checks apps when you install them from sources other than Google Play. Of course, there is a privacy trade-off. Some information has to be sent about the apps you install back to Google.

The main advice is: use common sense. It’s common practice for companies to release official apps versions through Google Play and highly unlikely to do it via any other way.


Filed under: Arduino Hacks, news, security hacks

trojan77

Trojan 77 is a gamified simulation of the Trojan virus running on Arduino Uno. The Trojan is a malware designed to provide unauthorised remote access to a user’s computer amongst other harmful possibilities and this prototype was designed to be exhibited at a technology museum to show the most important effects the virus. Inspired by the tilting labyrinth game, the prototype simulates a few key effects of the Trojan virus like passwords leaking out, files being deleted and culminating in a system crash.

Trojan 77  was created by a team of Physical Computing students (Dhrux Saxena, Gunes Kantaroglu, Liliana Lambriev, Karan Chaitanya Mudgal) at CIID:

The idea of designing something analog to explain a digital construct was an exciting challenge to undertake. The way that computer viruses operate can be very complicated and hard to explain without overloading people with detailed information. Making this information visual via animated projections helped to communicate the effects in a fun and memorable way.

The Trojan moved through several prototyping stages. Initially, the wooden structure was built, followed by the maze. The structure as a whole became functional with the addition of Arduino and Processing. Two servo motors controlled by a joystick enabled the tilt while the movement of the ball triggered distinct light sensors which in turn triggered events in a Processing sketch mapped onto the maze.

The students created also a great video documentary  to explain the project with a style inspired by the work  of Charles and Ray Eames:



  • Newsletter

    Sign up for the PlanetArduino Newsletter, which delivers the most popular articles via e-mail to your inbox every week. Just fill in the information below and submit.

  • Like Us on Facebook