A quick run-down of known Android trojans' functions

The android-based e-threats found so far are exclusively trojans, masquerading either as legitimate or as pirated versions of popular applications. Only one in particular functions as a trojan downloader and that, only on rooted devices.

Otherwise, these e-threats exhibit lots of variation in their behavior and purpose. Some are designed steal data, so SMS messages get forwarded to certain number, location data, IMEI and IMSI numbers get sent to remote servers and so on.

Others are designed to rack up charges for dubious services on the phone bill, a certain percentage of which goes into the virus writers’ pockets. This is the preferred method in Russia, apparently.

Yet others are designed simply to perpetrate clickfraud – they can be instructed to access certain addresses at certain intervals, such as to appear, for instance, as if the user of the affecteddevice is clicking a banner or a text ad somewhere. Of course, the advertising revenue then finds its way into the crooks’ pockets.

The issue is made rather simple by the fact that Android needs explicit permission to install apps: one needs to inform the users that some apps in particular are e-threats, before they get conned into believing otherwise.