ANDROIDOS_FAKEBATTSAVE.A
Information Stealer
Android OS
Threat Type: Trojan
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This Trojan may be manually installed by a user.
It uses a file name similar to a legitimate file to pass as a legitimate file. It uses a convincing Graphical User Interface to make the users think that the software is legitimate.
It steals certain information from the system and/or the user.
TECHNICAL DETAILS
9000 bytes
Yes
02 Aug 2012
Arrival Details
This Trojan may be manually installed by a user.
Installation
This Trojan uses a file name similar to a legitimate file to pass as a legitimate file.
Information Theft
This Trojan steals the following information:
- Phone contacts information
It gathers the following data:
- Phone contacts information
Stolen Information
This Trojan sends the gathered information via HTTP POST to the following URL:
- http://{BLOCKED}6969.heteml.jp/bl.php
SOLUTION
9.200
1.287
02 Aug 2012
Step 1
Scan your computer with your Trend Micro product to delete files detected as ANDROIDOS_FAKEBATTSAVE.A. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check this Knowledge Base page for more information.
Step 2
Remove unwanted apps on your Android mobile device
Step 3
Trend Micro Mobile Security Solution
Trend Micro Mobile Security Personal Edition protects Android smartphones and tablets from malicious and Trojanized applications. The App Scanner is free and detects malicious and Trojanized apps as they are downloaded, while SmartSurfing blocks malicious websites using your device's Android browser.
Download and install the Trend Micro Mobile Security App via Google Play.
Did this description help? Tell us how we did.