New malicious application targeting user information for Android mobile has appeared.

1. Introduction

Since repackaged Android's malicious apps have been found recently, we found repackaged malicious application for Android from Chinese black market.
This repackaged malicious application can spread via various black markets and 3rd party markets and can require various permissions.

2. Spreading path and symptoms of infection

Following figure is the preference of this malicious application.

Following figure is comparison between normal and malicious application.

As always, malicious application needs more grants than normal application.
Upon installed, we can see the icon.

Following image is run screen.

Based on our analysis, we found suspicious symptoms as following.

* Suspicious symptoms

- Try to access certain web site
- Breach mobile information
- Send text
- Remote control
- Install additional application

3. How to prevent

With a big booming of smartphone, general user can easily install various applications.
To use smartphone safely from security threats of these malicious applications, we recommend following tips "Smartphone security management tips" for general users.

Smartphone security management tips

1. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
2. Download the proven application by multiple users at all times.
3. Use mobile anti-virus SW to check downloaded application before using it.
4. Do not visit suspicious or unknown site via smartphone.
5. Try not to see MMS, text, e-mail from uncertain user.
6. Set strong password on smartphone always.
7. Turn the wireless interfaces like Bluetooth only be used.
8. Do not save important information on phone.
9. Do not try illegal customizing like rooting or jailbreak.

INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function with nProtect Mobile for Android for mobile such as malicious file stated above and runs responding system against various security threats.

Diagnosis name

- Trojan-Spy/Android.PJApps.A
- Trojan-Spy/Android.PJApps.B



  1. I found your blog very useful. I guess you should also visit this web-page about keyloggers for android.

  2. More information about spy apps you can find at this page!

  3. ¿Existe realmente un keylogger gratis para Android? Esta es ciertamente la pregunta a la que muchas personas quieren saber la respuesta. keylogger android

  4. The content of this article page, I find the content quite interesting and useful to me, thank you for sharing gem swap 2 free

  5. Finding the best biological science paper writing help and Biological Science Writing Services is not easy unless one is keen to establish a reliable biological science research paper provider & biological science coursework writing services.

  6. Android should really work on their security features. We must keep in mind that as good technology advances, so does ill-purposed technology. Take for example a website. Area52 is a trusted source. This website would never use or sell your personal data. Android should give their users the same confidence with their products.

  7. شركة تنظيف والتي هي افضل شركات التنظيف علي الإطلاق ، والتي تقدم خدمات نظافة عامة ، خدمات شاملة للمنزل والفلل والبيوت ، سيدتي الفاضلة هل تعانين أثناء تنظيف المنزل من ضيق الوقت وعدم كفايتة نظراً لإنشغالك بامور اخري أو نظراً لانشغالك بعملك أو حتي لصعوبة تنظيف منزلك لكبر المنزل
    تقدم شركة ابرار خدمات التنظيف
    شركة تنظيف

  8. I have seen that this is spreading very fast and people are getting affected with the spread of malicious file. As one my PC also got affected with this issue and I lost all my data including the dissertation file which I had to submit in few days. And I had to look for someone to write my dissertation writing work because some expert can write it in that short period of time.