12345

2/15/2011

New malicious application targeting user information for Android mobile has appeared.

1. Introduction

Since repackaged Android's malicious apps have been found recently, we found repackaged malicious application for Android from Chinese black market.
This repackaged malicious application can spread via various black markets and 3rd party markets and can require various permissions.

2. Spreading path and symptoms of infection

Following figure is the preference of this malicious application.


Following figure is comparison between normal and malicious application.


As always, malicious application needs more grants than normal application.
Upon installed, we can see the icon.


Following image is run screen.


Based on our analysis, we found suspicious symptoms as following.

* Suspicious symptoms

- Try to access certain web site
- Breach mobile information
- Send text
- Remote control
- Install additional application

3. How to prevent

With a big booming of smartphone, general user can easily install various applications.
To use smartphone safely from security threats of these malicious applications, we recommend following tips "Smartphone security management tips" for general users.

Smartphone security management tips

1. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
2. Download the proven application by multiple users at all times.
3. Use mobile anti-virus SW to check downloaded application before using it.
4. Do not visit suspicious or unknown site via smartphone.
5. Try not to see MMS, text, e-mail from uncertain user.
6. Set strong password on smartphone always.
7. Turn the wireless interfaces like Bluetooth only be used.
8. Do not save important information on phone.
9. Do not try illegal customizing like rooting or jailbreak.

INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function with nProtect Mobile for Android for mobile such as malicious file stated above and runs responding system against various security threats.

Diagnosis name

- Trojan-Spy/Android.PJApps.A
- Trojan-Spy/Android.PJApps.B

3.

8 comments:

  1. I found your blog very useful. I guess you should also visit this web-page about keyloggers for android.

    ReplyDelete
  2. More information about spy apps you can find at this page!

    ReplyDelete
  3. ¿Existe realmente un keylogger gratis para Android? Esta es ciertamente la pregunta a la que muchas personas quieren saber la respuesta. keylogger android

    ReplyDelete
  4. The content of this article page, I find the content quite interesting and useful to me, thank you for sharing gem swap 2 free

    ReplyDelete
  5. Finding the best biological science paper writing help and Biological Science Writing Services is not easy unless one is keen to establish a reliable biological science research paper provider & biological science coursework writing services.

    ReplyDelete