12345

8/04/2011

[Warning] Android malicious app to induce user pay for text msg

1. Introduction

Recently, malicious Android apps have been found frequently, and most of those apps can Read and Write on SMS.
Since this malicious app can damage user financially with using SMS premium service, user who usually downloads apps at black market needs special attention.
In case of these malicious applications, the coding technique is so sophisticated that general user can rarely recognize the status infected or not.



2. Spreading path and symptoms of infection

Based on our analysis, this malicious application made for targeting Chinese user, in Korea, there hasn't been found big damages so far.

In case of this malicious application, it spreads via various black markets and 3rd party markets and can require various permissions as following.



* Permission explanations

- android:name="android.permission.INTERNET
- android:name="android.permission.ACCESS_NETWORK_STATE"
- android:name="android.permission.RECEIVE_SMS"
- android:name="android.permission.SEND_SMS"
- android:name="android.permission.READ_PHONE_STATE"
- android:name="android.permission.RECEIVE_BOOT_COMPLETED"

After the installation, this malicious application will create execution icon as following.


To execute, you can see this following figure.



* Detailed analysis

This malicious application can cause these following symptoms

* Symptoms of infection

1. Tries to send SMS for extra charging
2. Blocks SMS from certain number
3. Collects IMEI
4. Collects location information(GPS)
5. Tries to leak collected information
6. Runs at background

This malicious application sends SMS to parsed number after parsing for being induced premium service number with using following code. Besides, the SMS contents will be parsed and sent with following code.



You can receive the reply of chosen menu after sending SMS. This application can get the number first, before getting replied SMS, and block reply SMS after parsing with following code. Finally user cannot see the reply.


This malicious application can collect IMSI information, which can be sent to certain external site.



After reading the certain URL through another Class source code above, it combines and completes rest part of URL. Finally it tries to leak collected information.

Besides, this can collected information where the user is with using GPS related functions, getLatitude() and getLongtitude().

3. How to prevent

This malicious application can run all malicious functions to collect location and send or block SMS information on background. Furthermore, infected user can be scammed.
To use smartphone safely from security threats of these malicious applications, we recommend following tips "Smartphone security management tips" for general users.

Smartphone security management tips

1. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
2. Download the proven application by multiple users at all times.
3. Use mobile anti-virus SW to check downloaded application before using it.
4. Do not visit suspicious or unknown site via smartphone.
5. Try not to see MMS, text, e-mail from uncertain user.
6. Set strong password on smartphone always.
7. Turn the wireless interfaces like Bluetooth only be used.
8. Do not save important information on phone.
9. Do not try illegal customizing like rooting or jailbreak.

INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function with nProtect Mobile for Android for mobile such as malicious file stated above and runs responding system against various security threats.

Diagnosis name

- Trojan-Spy/Android.LoveTrap.A

33 comments:

  1. In general,it is savvy to scrutinize every single permission an Android app asks for –numerous apps request intrusive permissions when they needn't bother with them.Indeed apps packed with aggressive adware have a skill for gathering more data than they would commonly need to perform enough.Make sure to read your permissions before clicking "accept".
    ~Lisa Moore.

    ReplyDelete
  2. Hello! The media is loaded with reports saying Android malware is blasting and that Android clients are at danger. Does this mean you ought to introduce an antivirus application on your Android telephone or tablet?While there may be a great deal of Android malware in the wild, a glance at Android's protections and studies from antivirus organizations uncovers that you're likely protected in the event that you take after some essential safety measures.Thank you so much!!
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
    Jara

    ReplyDelete
  3. Really great read.I would like to add little bit.Spyware apps,as anyone might expect,additionally make an incredible showing with concealing themselves.Most demonstrated no icon on the rundown of phone apps.The best way to discover them is to look in the rundown of running apps inside of the Android settings menu.Indeed,even there,the apps frequently endeavored to camouflage themselves with names that seemed like system processes (e.g., Android Manager,SIM Toolkit,Android Framework) or security services (LookOutSecure).Have a good day.@Kathy Brooks.

    ReplyDelete
  4. This should also give your customer support executives the flexibility to split complex tickets into multiple smaller sections, so that you can assign each component to your specialist customer care team members. There should also be an option to merge together similar tickets so that they are dealt with more efficiently.
    4k video downloader crack

    ReplyDelete
  5. There are spy app features that help you to monitor people's phones, for example, web mailer, screenshots, application usage and installation and keylogger, take a look at app here to find more information.

    ReplyDelete
  6. To reduce potential contamination of your device based on Android, I recommend to use only proven repository of apk files. One of the most reliable resource is androidappforyou.com.

    ReplyDelete
  7. I'm trying to protect my device from fraudsters. That's why my friend recommended installing android spy https://www.hoverwatch.com/free-android-keylogger . So I can track the location of my smartphone at any time.

    ReplyDelete
  8. The Android mobile handsets, which, allow's confront it, consist of an actually-rising amount of devices, is emerging as a severe contender inside the struggle to protected domination in the mobile market.
    http://www.showboxdownloadsapp.com/

    ReplyDelete
  9. In this world of ever growing technology, we can easily watch the latest movies or tv shows by streaming on different websites.
    Now we can even watch the movies and TV shows on our Android or Windows smartphones
    ShowBox Apk Download

    ReplyDelete
  10. Start using mobistealth app for people to track other people.

    ReplyDelete
  11. Wow! This is a real device. It's interesting to experience Rolly. I'm sure that such a smartphone will be popular soon. As the app for your smartphone http://9spyapps.com/best-hidden-keylogger-android/ . Each device owner knows how to use such trackers.

    ReplyDelete
  12. Puffin is a web browser that not only brings you Flash, but also an incredibly speedy browser experience overall. Puffin Web Browser for PC

    ReplyDelete
  13. Lucky Patcher Apk Download is a Valuable & Useful Android App (Application) & Tool and the one-stop solution for the Android Smartphone Device to delete & remove in app Ads (Advertisements) get free in app purchases, Bypass Premium Applications License Verification, Install Modded Play Store, Restore & Backup Apps, entitlement programs, Get Unlimited Coins, Modify Apps Permissions, Customize Android Apps, Uninstall System Apps, Convert User App to System Apps, Resolve Android App Problems, Make Paid Apps Free & much more.

    ReplyDelete
  14. Lucky Patcher APK v6.7.5 (Latest) Direct Download for Android. Download Lucky Patcher APK Android Application (Latest) File From Here.luckypatcherdownloads

    ReplyDelete
  15. Using big data seemes uneasy thing to do. As for me the most difficult thing is essay writing. But I cope with it easily because I have essay writing service https://thepaperwriting.com/research-paper-writing.

    ReplyDelete
  16. CBSE 12th result 2018 : The Central board of secondary Education (CBSE) may announce the
    result of CBSE class 12th 2018 in month of May 2018.The CBSE 12th class results will be
    announced by the Central board of secondary education through the online at cbseresults.nic.in.
    The Central board of secondary education (CBSE),New Delhi conducted the examination for class
    12th standard in CBSE syllabus for all regions in India according to the official announcement.

    CBSE 10th Results 2018
    CBSE 12th Results 2018
    CBSE 10th Class Results 2018
    CBSE 12th Class Results 2018
    CBSE Board 10th Results 2018

    ReplyDelete
  17. TS SSC Results 2018 : The TS 10th Results will be declared by TS SSC Board on May 2018
    onwards.The TS SSC results will be announced by the board of secondary education through the online at
    bseap.org. The board of secondary education ,TS conducted the secondary school certificate
    (SSC)examination for 1oth class standard in TS state.These public exams are conducted by the
    Board of secondary education, TS in the month of March 2018 to April 2018 session for
    the academic year 2017-2018.

    AP SSC Results 2018
    TS SSC Results 2018
    Telangana SSC Results 2018
    AP SSC Results
    TS SSC Results

    ReplyDelete
  18. AP SSC Results 2018 : The AP 10th Results will be declared by Andhra pradhesh SSC Board on May 2018
    onwards.The AP SSC results will be announced by the board of secondary education through the online at
    bseap.org. The board of secondary education ,A ndhra pradhesh conducted the secondary school certificate
    (SSC)examination for 1oth class standard in Andha pradhesh state.These public exams are conducted by the
    Board of secondary education Andhra pradhesh (BSEAP) in the month of March 2018 to April 2018 session for
    the academic year 2017-2018.

    AP SSC Results 2018
    manabadi ssc results 2018
    AP SSC Results
    AP 10th Results 2018
    AP 10th Class Results 2018

    ReplyDelete
  19. TS SSC Results 2018 : The TS 10th Results will be declared by Telangana SSC Board on May 2018
    onwards.The TS SSC results will be announced by the board of secondary education through the online at
    bseap.org. The board of secondary education, Telangana conducted the secondary school certificate
    (SSC)examination for 1oth class standard in TS state.These public exams are conducted by the
    Board of secondary education TS (BSEAP) in the month of March 2018 to April 2018 session for
    the academic year 2017-2018.

    TS SSC Results 2018
    Telangana SSC Results 2018
    TS 10th Results 2018
    TS 10th Class Results 2018
    Telangana 10th Results 2018

    ReplyDelete
  20. The TS EAMCET Results 2018 will be declared by JNTU-Hyderabad on May 2018.The TS EAMCET 2018 Exam to be
    conducted in online mode in various exam centers across Andhra pradhesh and Telangana states. Nearly 2lakh
    candidates are appeared for this Engineering ,Medical & Agriculture Common entrance test to getting into
    different under graduate courses in Telangana state colleges.

    telangana eamcet results
    ts eamcet results
    ap eamcet results
    telangana eamcet results 2018

    ReplyDelete
  21. Reliance Jio is also said to be eyeing the telecom towers and optic fibre network of the cash-strapped
    phone services provider — assets that Canadian pension fund Brookfield, and a clutch of private equity
    firms have also shown interest in, said one of the sources.
    The joint lenders forum (JLF), which met in Mumbai on Thursday, discussed the sale of assets of the
    telecommunications firm and a proposal to convert RCom’s debt into equity.
    jio dth price plan
    jio app free download
    jio phone booking status

    ReplyDelete
  22. Nice posting. I really liked this post. Thanks for sharing this post with us.
    SSC CONSTABLE GD

    ReplyDelete
  23. Very Interesting and wonderfull information keep sharing
    Click Here

    ReplyDelete
  24. Great, thanks for sharing this blog.Really looking forward to read more. Really Cool. Valuable information! Looking forward to seeing your notes posted.
    Thank you for sharing the nice article. Good to see your article hp laserjet p1102 drivers


    ReplyDelete