ANDROIDOS_FAKERUN.A

February 06, 2012
 THREAT SUBTYPE:

Click Fraud

 PLATFORM:

Android OS

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:

  • Threat Type: Adware

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes

  OVERVIEW


This rogue app pretends to be an Android version of the popular iOS game, Temple Run.

To get a one-glance comprehensive view of the behavior of this Adware, refer to the Threat Diagram shown below.

Once this malware is installed on the affected devices and the application is used, it creates a certain shortcut.

If the affected phone has Facebook installed, it informs the users that it needs to share the application before it can start the game. It also prompts the user to rate the application in the Android Market before they can start the game.

It also is capable of displaying advertisments using the notification.

This adware may be unknowingly downloaded by a user while visiting malicious websites.

  TECHNICAL DETAILS

File Size:

1,892,765 bytes

File Type:

APK

Memory Resident:

Yes

Initial Samples Received Date:

06 Feb 2012

Payload:

Displays ads

Arrival Details

This adware may be unknowingly downloaded by a user while visiting malicious websites.

NOTES:

Once this malware is installed on the affected devices and the application is used, it creates the following shortcut:

It also adds the following shortcut on the phone’s homepage:

If the affected phone has Facebook installed, it informs the users that it needs to share the application before it can start the game. It also prompts the user to rate the application in the Android Market before they can start the game.

It also is capable of displaying advertisments using the notification.

After sharing and rating it, starting the application only displays a screen for a fake countdown on when the app is going to be released.

  SOLUTION

Minimum Scan Engine:

9.200

TMMS Pattern File:

1.187.00

TMMS Pattern Date:

07 Feb 2012

Step 1

Before doing any scans, Windows XP, Windows Vista, and Windows 7 users must disable System Restore to allow full scanning of their computers.

Step 2

Scan your computer with your Trend Micro product to delete files detected as ANDROIDOS_FAKERUN.A. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check this Knowledge Base page for more information.

Step 3

Trend Micro Mobile Security Solution

Trend Micro Mobile Security Personal Edition protects Android smartphones and tablets from malicious and Trojanized applications. The App Scanner is free and detects malicious and Trojanized apps as they are downloaded, while SmartSurfing blocks malicious websites using your device's Android browser.

Download and install the Trend Micro Mobile Security App via Google Play.

Step 4

Remove unwanted apps on your Android mobile device

[ Learn More ]

Did this description help? Tell us how we did.