TrojanSpy:AndroidOS/FakeToken.A (Microsoft); Android.Faketoken (Symantec); Andr/FkToken-A (Sophos)
Downloaded from the Internet
This spyware targets mobile banking users by posing as a fake token generator. During execution it asks for the user's password and generates a fake token while sending the user's information to a specific number and remote servers in the background.
To get a one-glance comprehensive view of the behavior of this Spyware, refer to the Threat Diagram shown below.
This spyware is an application that poses as a token generator from a certain bank. Users must enter a password. Otherwise, it displays an error.
It generates the fake token and executes its malicious code in the background.
This spyware may be unknowingly downloaded by a user while visiting malicious websites. It may be manually installed by a user.
16 Mar 2012
Steals information, Compromises the security of the affected device
This spyware may be unknowingly downloaded by a user while visiting malicious websites.
It may be manually installed by a user.
It is an application that poses as a token generator from a certain bank. Upon execution, it displays the following:
Users must enter a password. Otherwise, it displays an error.
When users click Generar, it generates the fake token and executes its malicious code in the background. It gathers the following information:
- Phone model
- SDK version
It sends these information along with the password entered to the following number:
It also sends these information to the following remote servers:
It also steals the following information from the affected device:
- Contacts list
- Text messages
It also has the capability to execute itself at a scheduled time. This enables the malware to run a background service and listen for commands from the remote servers. These include the following commands:
- Download and install another APK
- Send the contacts list and SMS messages to the remote server
- Update the number where stolen information are sent
16 Mar 2012
Trend Micro Mobile Security Solution
Trend Micro Mobile Security Personal Edition protects Android smartphones and tablets from malicious and Trojanized applications. The App Scanner is free and detects malicious and Trojanized apps as they are downloaded, while SmartSurfing blocks malicious websites using your device's Android browser.
Remove unwanted apps on your Android mobile device
Did this description help? Tell us how we did.