- Fake Apps Affect ANDROID OS Users
| Detection Name | Routines |
| --- | --- |
| ANDROIDOS_DROIDSMS.A | Attempts to send text messages containing the string “798657” to premium-rate numbers using the infected device’s current default SMS Center (SMSC) by exploiting the Permissions function (android.permission.SEND_SMS). Further analysis showed, however, that it fails to run successfully because of programming errors. |
| ANDROIDOS_DROISNAKE.A (aka Tap Snake) | Capable of sending an affected user’s GPS location via HTTP POST upon acceptance of its end-user license agreement (EULA). |
| ANDROIDOS_GEINIMI.A | Opens several ports and connects to specific URLs to receive and execute commands from a remote user. These commands allow the remote user to gather specific information and system properties from the infected device. |
| ANDROIDOS_ADRD.A | Gathers information like International Mobile Equipment Identity (IMEI) and International Mobile Subscriber Identity (IMSI) numbers from infected systems, which is then sent to a specific site. It also downloads an updated copy of itself when executed. |
| ANDROIDOS_LOTOOR.A (aka fake Falling Down) | Connects to specific sites to send and receive information from a remote user. It steals information like ClientInfo as well as IMEI and IMSI numbers from infected devices. It also downloads other malicious apps onto the infected devices. |
| ANDROIDOS_BGSERV.A (aka fake Android Market Security Tool) | Gathers information from an infected device, which is then sent to a remote user. It also intercepts sent and received text messages and calls as well as downloads files and videos. |
| ANDROIDOS_SMSREP.A | Secretly forwards all incoming text messages to a remote user. |
| ANDROIDOS_FAKEP.A | Attempts to send text messages to premium-rate numbers. |
| ANDROIDOS_FSPY.A | Monitors an infected device’s GPS location, text and email messages, as well as calls. It also gives a remote user the capability to remotely listen to an affected user’s calls and to control an infected device via SMS. |