Brought to you by TrendLabs, Trend Micro's global threat research & support organization
Trend Micro——™—Securing Your Journey to the Cloud Follow us on Twitter Like us on Facebook Watch our YouTube Channel


How to Get Rid of OBAD Malware

Cybercriminals have come up with Android malware that not only evade detection but also removal through conventional means. OBAD is one of these.

Nothing Good, Just OBAD

OBAD, aka ANDROIDOS_OBAD.A, lets cybercriminals take complete control of your device after you grant it administrator access. If you delay or deny authorization, it will continue to pester you with requests. Giving in, meanwhile, lets OBAD do any of the following without your knowledge nor consent:

  • Access a remote server via Wi-Fi and wait for commands
  • Steal your information like contacts, call logs, messages, and list of installed apps
  • Download, install, and uninstall apps
  • Send malware to other nearby mobile devices via Bluetooth

Apps Shouldn't Be Administrators (Usually)

OBAD abuses administrator privileges in two ways—it performs the malicious routines stated above and evades detection and removal.

OBAD makes uninstalling difficult to do since it tricks your Android gadget into classifying it as an important device management app. And due to an unresolved Android bug, OBAD also does not appear on your Device Administrator manager app list.

"OBAD lets cybercriminals take complete control of your device and send malware to other nearby mobile devices via Bluetooth."

Removal and Best Practices

While ANDROIDOS_OBAD.A and similar variants are tricky to remove, it's not impossible. We at Trend Micro developed an app that detects all hidden device administrator apps on your device. You can download the app here, run it, and deactivate the malicious app's administrator rights. Without its rights, OBAD and any other malicious app like it can be easily removed from your device.

Here are some other tips to keep your devices OBAD-free:

  • Download apps only from first-party stores or trusted sites. Never download or sideload apps from suspicious sources.
  • Carefully check app permissions. If an app asks for more permissions than it's supposed to, don't grant them.
  • Stay up-to-date with malware news. Subscribe to feeds and sites that post and discuss malware-related news and issues.
  • Install a security solution. Invest in one that automatically updates and blocks threats before they can even get to your device. This adds another layer of protection that can help safeguard you and your personal data.



> View this issue online
> Subscribe to First Line of Defense

> New Report: The Android OS Fragmentation
New Research Paper: Windows 8 and Windows
   RT: New Beginnings