Since leaked smartphone information can be used malignantly in various parts, it means that the security threats will be getting bigger.
In the midst of this situation, we found another malicious application to collect smartphone information.
Therefore, general user needs to be careful about being infected malicious file from those malicious file.
Currently, in case of this android malicious application, there is nothing special diagnosis tool and classification system. And it can be made by general user easily, so smartphone security threats will be getting bigger.
2. Spreading path and symptoms of infection
In case of this malicious application, it spreads via various black markets and 3rd party markets and can require various permissions as following.
This malicious application can require this following permission requirement screen.
Besides, this malicious application doesn't have its execution icon, but can be executed on reboot automatically.
* Detailed analysis
This malicious application can cause these following symptoms.
In case of this malicious application, it doesn't register certain Receiver but can try dealing with Event and Action of other applications after inherited BroadcastReceiver.
As we explained at "※ Symptoms", the main feature of this malicious application is collecting information and checking status of installation on certain applications. And it uses MD5 checking for verifying installation status after parsing package name.
This malicious application can collect smartphone information through this following code.
Besides, collected information, after modified by certain methods, can be leaked via URL references.
3. How to prevent
With the rapid development of mobile devices, various type of mobile transactions will be wider and wider. According to that growth, mobile threats will be getting bigger.
To use smartphone safely from security threats of these malicious applications, we recommend following tips "Smartphone security management tips" for general users.
INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function with nProtect Mobile for Android for mobile such as malicious file stated above and runs responding system against various security threats.