12345

8/05/2011

[Warning] Malicious app to collect smartphone information

1. Introduction

Recently, leakage of large data of personal information in South Korea is a big issue. Some people who were stolen their information even try to prosecute.
In the midst of this situation, we found malicious Android application, which supports various voice using functions, but to steal personal information.Collected information can be used on cloned phone, DB transaction, and so on.

Therefore, general user needs to be careful about being infected malicious file from those malicious file.



2. Spreading path and symptoms of infection

In case of this malicious application, it spreads via various black markets and 3rd party markets and can require various permissions as following.


* Permission explanations

- android:name="android.permission.INTERNET"
- android:name="android.permission.READ_PHONE_STATE"
- android:name="android.permission.RECEIVE_BOOT_COMPLETED"
- android:name="android.permission.GET_ACCOUNTS"

After the installation, this malicious application will create execution icon as following.


To execute, you can see this following figure, it makes a big noise.


In addition, if you click upper direction arrow, your page will be changed at AD page for downloading additional applications.



* Detailed analysis

Upon installation, it will add 2 receivers (StartAtBootServiceReceiver, MyReferrerReceiver) and can cause these following symptoms.

* Symptoms of infection
1. Collects IMEI
2. Collects Android's account, country code, provider information
3. Collects numbers in contacts
4. Tries to leak collected information
5. Performs periodically through AlarmManager

First of all, this malicious application can collect numbers in contacts information and IMEI with this following code on execution.



Besides, it can collect Android account information, country code, and provider information.



Collected information can be sent certain URL.



Collecting and sending information, we mentioned above, can be performed through AlarmManager.

3. How to prevent

In case of this malicious application, all malicious functions run in the background as a service and are not visible to the user. And collected information can be used as a spam or cloned phone.

To use smartphone safely from security threats of these malicious applications, we recommend following tips "Smartphone security management tips" for general users.

Smartphone security management tips

1. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
2. Download the proven application by multiple users at all times.
3. Use mobile anti-virus SW to check downloaded application before using it.
4. Do not visit suspicious or unknown site via smartphone.
5. Try not to see MMS, text, e-mail from uncertain user.
6. Set strong password on smartphone always.
7. Turn the wireless interfaces like Bluetooth only be used.
8. Do not save important information on phone.
9. Do not try illegal customizing like rooting or jailbreak.

INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function with nProtect Mobile for Android for mobile such as malicious file stated above and runs responding system against various security threats.

Diagnosis name

 - Trojan-Spy/Android.SndApps.A

26 comments:

  1. A very good post ,I like it very much ,hope you will give another post asap Great info Thanks!

    ReplyDelete
    Replies
    1. Malware is overwhelmingly an issue on Android, a portion of the tips gave right now explicit to Android gadgets. In any case, clients of iOS and Web Design Company Windows Phone can adhere to the vast majority of similar directions to analyze a malevolent application.

      Delete
  2. Pretty! This was an extremely wonderful post. Many thanks for providing this info.
    reflective vest
    reflective fabric

    ReplyDelete
  3. Explore some iphone spy apps that would help you to spy on other devices.

    ReplyDelete
  4. hey! thank you for this coding! i try to make this program since 2 days and i am not able to make it. as it's my lab submissions work so i also display the output. when i run your program it display the same out as i want so i just wanna to say thankyou

    ReplyDelete
  5. In these times, there is a lot of malware application is just launched to collect data and which is not a good thing and critically unsecured. But there are authentic, secure and trustworthy Affordable Essay Writers at $4essay App which assists students in the completion of assignments with professionalism and perfection. 

    ReplyDelete
  6. Tssdk malware unearths its way into google play via lifestyle apps the adware-encumbered apps attempt to entice sufferers into installing an extra software program. A total of 50 malicious apps have managed to pass google's safety tests and land on the google play shop, leading to hundreds of thousands of installs on android gadgets.

    Regards,
    Cheap Essay Writing Service USA | Cheap Essay 247.

    ReplyDelete
  7. Before downloading an Cheap Essay app, make sure you apprehend what records the app will get right of entry to. Read the permissions the app is soliciting for and decide whether or not the information it is asking to access is related to the reason of the app. Study the app’s privacy coverage to look if, or how, your statistics may be shared.

    ReplyDelete
  8. I don't think so that these stuffs matter these days because of latest advancement in software. I am doing SQA for my own software and now it's so easy with modern automated software that requires data input and it works automatically. I did a complete testing of my Essay writing Service using android and iOS mobile testing applications and these mentioned issues are no more consider these days.

    ReplyDelete
  9. When students help in online search they find the cost of essay writing very high. But at allassignmenthelp.com, we provide the best quality essays from students at low charge.someone do my essay for me
    help me do my essay

    ReplyDelete
  10. unixinfotech is one of the best digital marketing company in india.we provide best web development,App development etc.
    best digital marketing company

    web development company

    app development company

    ReplyDelete
  11. I blog frequently and I really appreciate your content. Your article has really peaked my interest. BY: britishacademicwriters.co.uk

    ReplyDelete
  12. Smartphone security depends on the phones as well as on the mobile device management technology introduced on organization servers, that controls and oversees manages security. This blog explore some mobile app development services that would help you to design on other devices.

    ReplyDelete
  13. We have contract law assignment writing service UK writing specialists available too. In the event of any desperation and needing securing specialized information on the different aspects of this particular sub-discipline, feel free to get in touch with our team and get moment arrangements progressing.

    ReplyDelete
  14. i'm doing SQA for my very own software and now it is so easy with modern automated software that needs data input and it works automatically. I did an entire testing of
    Mobile App Design Companiesandroid and iOS mobile testing applications and these mentioned issues are not any more consider lately .

    ReplyDelete
  15. To get the best Programming Assignment help online visit this site and you will find the best content here Programming Assignment Help

    ReplyDelete
  16. If you have death penalty essay titles you can order an essay. Essay writing service where many writers work. Everything can be ordered there. I can save my time.

    ReplyDelete
  17. Amazing article. Your blog helped me to improve myself in many ways thanks for sharing this kind of wonderful informative blogs.
    you can visit GetAssignmentHelpOnline.com they provide best assignment help

    Best Essay Writing Service

    Math Assignment Help

    Law Assignment Help

    Assignment writing service

    ReplyDelete
  18. Here in the site mention the android features and mobile authentication solution well I don't face any kind of issue for watching any kind of videos or 123movies unblocked still giving good results.

    ReplyDelete
  19. My Silver service’s main objective is to offer all customers a quality experience for your satisfaction.
    taxi silver service Melbourne

    ReplyDelete
  20. Great information you shared through this blog.Keep it up and best of luck for your future blogs and posts. Before buying papers from our agency, consider reading BestCustomPapers Reviews. Paying attention to customers’ reviews is quite reasonable if you intend to buy products online, especially when it goes about academic writing. Today, the number of websites offering writing services is considerable and it is very hard to pick the right one.

    ReplyDelete
  21. I don't think with the goal carpets in karachi that these stuffs matter nowadays due to most recent progression in programming. I am doing SQA for my own product and now it's so natural with current
    artificial grass for home robotized programming that requires information and it works consequently. I did a total testing of my Essay composing Service utilizing android and iOS portable testing applications and these referenced issues are no more think about nowadays.

    ReplyDelete
  22. At last my enthusiasm lies in inventive articulation through composition and showing others how its done to help other people along their way of self-revelation.
    Fiver Animator

    ReplyDelete
  23. Our each sentences and paragraph logically connects to the next in order to present clear arguments.
    Online Classes

    ReplyDelete
  24. In Our academic service, we provide introduction background information, lays out the scope and direction of the essay, and states he thesis.
    Academic Inside UK

    ReplyDelete
  25. I had two or three update demands as I comprehended what I needed, and he conveyed. Incredible correspondence, nothing was troublesome and extremely content with result.
    Where to design Logo

    ReplyDelete