ANDROIDOS_PLANKTON.CDE
Application:Android/Counterclank.A (Fsecure), AdWare.Apperhand (Ikarus), Android/Plankton.H trojan (Eset),
Information Stealer
Android OS
Threat Type: Backdoor
Destructiveness: No
Encrypted: No
In the wild: Yes
OVERVIEW
This malware gathers various information on the affected device. It may connect to a C&C server to send information gathered.
It is capable of setting bookmarks, setting browser homepage, and getting shortcuts on the device.
This backdoor may be manually installed by a user.
TECHNICAL DETAILS
Arrival Details
This backdoor may be manually installed by a user.
NOTES:
This is Trend Micro's detection for Android applications bundled with malicious code.
It may connect to the following C&C server and send details regarding the infected device:
- http://www.{BLOCKED}and.com/ProtocolGW/protocol/commands
The device details include the following:
- Brand
- Device
- Manufacturer
- Model
- Android version
- Device ID (IMEI)
- Display metrics
- Locale
- SDK version
It waits for the following backdoor commands from the server:
- /activate
- /homepage
- /commandstatus
- /bookmarks
- /shortcuts
- /notifications
- /terminate
- /unexpectedexception
- /info
- /optout
It has the capability to do the following routines:
- get / set homepage of the browser
- get / set bookmarks
- set / get shortcuts
- get / set notification link, title, icon and text
SOLUTION
Step 1
Trend Micro Mobile Security Solution
Trend Micro Mobile Security Personal Edition protects Android smartphones and tablets from malicious and Trojanized applications. The App Scanner is free and detects malicious and Trojanized apps as they are downloaded, while SmartSurfing blocks malicious websites using your device's Android browser.
Download and install the Trend Micro Mobile Security App via Google Play.
Step 2
Remove unwanted apps on your Android mobile device
Did this description help? Tell us how we did.