1 min read

A quick run-down of known Android trojans' functions

Răzvan STOICA

May 12, 2011

A quick run-down of known Android trojans' functions

The android-based e-threats found so far are exclusively trojans, masquerading either as legitimate or as pirated versions of popular applications. Only one in particular functions as a trojan downloader and that, only on rooted devices.

Otherwise, these e-threats exhibit lots of variation in their behavior and purpose. Some are designed steal data, so SMS messages get forwarded to certain number, location data, IMEI and IMSI numbers get sent to remote servers and so on.

Others are designed to rack up charges for dubious services on the phone bill, a certain percentage of which goes into the virus writers’ pockets. This is the preferred method in Russia, apparently.

Yet others are designed simply to perpetrate clickfraud – they can be instructed to access certain addresses at certain intervals, such as to appear, for instance, as if the user of the affecteddevice is clicking a banner or a text ad somewhere. Of course, the advertising revenue then finds its way into the crooks’ pockets.

The issue is made rather simple by the fact that Android needs explicit permission to install apps: one needs to inform the users that some apps in particular are e-threats, before they get conned into believing otherwise.

tags


Author



Right now

Top posts

LuminousMoth – PlugX, File Exfiltration and Persistence Revisited

LuminousMoth – PlugX, File Exfiltration and Persistence Revisited

July 21, 2021

9 min read
How We Tracked a Threat Group Running an Active Cryptojacking Campaign

How We Tracked a Threat Group Running an Active Cryptojacking Campaign

July 14, 2021

10 min read
A Note from the Bitdefender Labs Team on Ransomware and Decryptors

A Note from the Bitdefender Labs Team on Ransomware and Decryptors

May 26, 2021

2 min read
New Nebulae Backdoor Linked with the NAIKON Group

New Nebulae Backdoor Linked with the NAIKON Group

April 28, 2021

1 min read
Good riddance, GandCrab! We’re still fixing the mess you left behind.

Good riddance, GandCrab! We’re still fixing the mess you left behind.

June 17, 2019

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

LuminousMoth – PlugX, File Exfiltration and Persistence Revisited LuminousMoth – PlugX, File Exfiltration and Persistence Revisited
Bogdan BOTEZATUVictor VRABIE
9 min read
Debugging MosaicLoader, One Step at a Time Debugging MosaicLoader, One Step at a Time
Janos Gergo SZELESBogdan BOTEZATU
1 min read
How We Tracked a Threat Group Running an Active Cryptojacking Campaign How We Tracked a Threat Group Running an Active Cryptojacking Campaign
Bitdefender

July 14, 2021

10 min read