In the midst of this atmosphere, inducing malicious app charging SMS premium service has been found, so that user who frequently downloads apps at black market needs to be careful.
2. Spreading path and symptoms of infection
This malicious application can spread via various black markets and 3rd party markets and can require various permissions as following.


* Permission explanation
- android:name="android.permission.READ_CONTACTS"
- android:name="android.permission.RESTART_PACKAGES"
- android:name="android.permission.INTERNET"
- android:name="android.permission.SEND_SMS"
- android:name="android.permission.RECEIVE_SMS"
- android:name="android.permission.WRITE_EXTERNAL_STORAGE"
- android:name="android.permission.ACCESS_NETWORK_STATE"
- android:name="android.permission.READ_PHONE_STATE"
- android:name="android.permission.READ_SMS"
- android:name="android.permission.WRITE_SMS"
- android:name="android.permission.READ_CONTACTS"
- android:name="android.permission.RESTART_PACKAGES"
- android:name="android.permission.INTERNET"
- android:name="android.permission.SEND_SMS"
- android:name="android.permission.RECEIVE_SMS"
- android:name="android.permission.WRITE_EXTERNAL_STORAGE"
- android:name="android.permission.ACCESS_NETWORK_STATE"
- android:name="android.permission.READ_PHONE_STATE"
- android:name="android.permission.READ_SMS"
- android:name="android.permission.WRITE_SMS"
Upon installed, this will create execution icon as following, clicking icon will show you following screen.
* Run Icon
* Run Screen
* Detailed analysis
This malicious application registers 1 Receiver to manage SMS, and can set high priority.
* Receiver register- com.talkweb.comm.SmsReceiver
Furthermore, this malicious application can subscribe premium service after being infected, and subscription procedure will be proceed by receiving SMS from certain premium service provider's number.
* Subscription procedures
- Sends service register SMS to service provider
- Replies SMS about detailed service description from service provider
- User needs to send reply SMS including this word "Y" for confirming.
- Sends service register SMS to service provider
- Replies SMS about detailed service description from service provider
- User needs to send reply SMS including this word "Y" for confirming.
After the subscription, this malicious application can finish subscription procedure after confirming sending SMS. Besides, this app will remove related SMS through following code before being recognized by user.
But there is a difference between this app and previous similar application on numbering additional service number in its code's condition states.
3. How to prevent
In case of this malicious application, since it was designed to target Chinese user, it hasn't been reported in South Korea, but it can be repackaged and give financial damage to general user.
To use smartphone safely from security threats of these malicious applications, we recommend following tips "Smartphone security management tips" for general users.
Smartphone security management tips
1. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
2. Download the proven application by multiple users at all times.
3. Use mobile anti-virus SW to check downloaded application before using it.
4. Do not visit suspicious or unknown site via smartphone.
5. Try not to see MMS, text, e-mail from uncertain user.
6. Set strong password on smartphone always.
7. Turn the wireless interfaces like Bluetooth only be used.
8. Do not save important information on phone.
9. Do not try illegal customizing like rooting or jailbreak.
1. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
2. Download the proven application by multiple users at all times.
3. Use mobile anti-virus SW to check downloaded application before using it.
4. Do not visit suspicious or unknown site via smartphone.
5. Try not to see MMS, text, e-mail from uncertain user.
6. Set strong password on smartphone always.
7. Turn the wireless interfaces like Bluetooth only be used.
8. Do not save important information on phone.
9. Do not try illegal customizing like rooting or jailbreak.
INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function with nProtect Mobile for Android for mobile such as malicious file stated above and runs responding system against various security threats.
شركة مكافحة النمل الابيض غرب الرياض
ReplyDeleteشركة مكافحة النمل الابيض شرق الرياض
شركة مكافحة النمل الابيض بالمدينة المنورة
شركة رش مبيدات جنوب الرياض
شركة رش مبيدات شمال الرياض
شركة رش مبيدات وسط الرياض
شركة رش مبيدات غرب الرياض
شركة رش مبيدات شرق الرياض
شركة مكافحة حشرات جنوب الرياض
شركة مكافحة حشرات شمال الرياض
شركة مكافحة حشرات وسط الرياض
شركة مكافحة حشرات غرب الرياض
I recommend that you also take a look at this article about phone tracking applications such ass yahoo spy
ReplyDeleteI found your post so interesting. Thank you for the valuable information.
ReplyDeletedownload gapps
What a great article! I love it. Can't wait to read more.
ReplyDeleteGreat Article
ReplyDeleteNetwork Security Projects for CSE
JavaScript Training in Chennai
Project Centers in Chennai
JavaScript Training in Chennai
kingroot apk
ReplyDeletekingroot apk download
kingroot apk latest version
download kingroot apk
I hope I could find more updates from you. Thank you for sharing the nice article
vlc
ReplyDeletevlc download
vlc media player
vlc.best
Wales publications are well-known publishing solution providers in various disciplines in the UK, Wales Publications serving to scientific organizations worldwide. Contact us for further information and know our best services and deals to achieve your goal.The fast submission process includes rapid publication research in UK that includes unique rapid process, inhouse peer review and 100% acceptance guarantee.
ReplyDelete