This repackaged malicious application can spread via various black markets and 3rd party markets and can require various permissions.
2. Spreading path and symptoms of infection
Following figure is the preference of this malicious application.
Following figure is comparison between normal and malicious application.
As always, malicious application needs more grants than normal application.
Upon installed, we can see the icon.
Following image is run screen.
Based on our analysis, we found suspicious symptoms as following.
3. How to prevent
With a big booming of smartphone, general user can easily install various applications.
To use smartphone safely from security threats of these malicious applications, we recommend following tips "Smartphone security management tips" for general users.
INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function with nProtect Mobile for Android for mobile such as malicious file stated above and runs responding system against various security threats.