[Warning]Android malicious application which steals E-mail account and password has been reported.

1. Introduction

Various Android malicious applications which steal E-mail account and password have been reported in these days.
In the midst of booming malicious applications, a peculiar one which tries to steal e-mail account and password has been found.
This malicious application is disguised as a streaming player.
Furthermore, it induces user to input his ID and password which can be leaked finally.
2. Spreading path and symptoms of infection

This malicious application can spread via various black markets and 3rd party markets and can require various permissions as following.

* Permission explanations
- android:name="android.permission.INTERNET"
- android:name="android.permission.INTERNET"
- android:name="android.permission.ACCESS_NETWORK_STATE"
- android:name="android.permission.ACCESS_WIFI_STATE"
- android:name="android.permission.READ_PHONE_STATE"
- android:name="android.permission.WAKE_LOCK"
- android:name="android.permission.INJECT_EVENTS"
- android:name="android.permission.READ_LOGS"
- android:name="android.permission.WRITE_EXTERNAL_STORAGE"
- android:name="android.permission.DUMP"
- android:name="android.permission.GET_TASKS"

After the installation, this run icon on following figure will be generated.

Upon executing application, following run screen will appear.
This malicious application can be disguished by its layout.
Left one is Normal and Right one is Malicious version.

Following code shows that this malicious application will leak information to certain URL.

Difference can be also shown in login procedure.

3. How to prevent

General users can be easily deceived by fake malicious application. This application can induce user to download and use, and leaked information can be used malicious way.
To use smartphone safely from security threats of these malicious applications, we recommend following tips "Smartphone security management tips" for general users.

Smartphone security management tips

1. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
2. Download the proven application by multiple users at all times.
3. Use mobile anti-virus SW to check downloaded application before using it.
4. Do not visit suspicious or unknown site via smartphone.
5. Try not to see MMS, text, e-mail from uncertain user.
6. Set strong password on smartphone always.
7. Turn the wireless interfaces like Bluetooth only be used.
8. Do not save important information on phone.
9. Do not try illegal customizing like rooting or jailbreak.

INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function with nProtect Mobile for Android for mobile such as malicious file stated above and runs responding system against various security threats.

Diagnosis name

- Trojan-Spy/Android.FakeNefilix.A


  1. it is really awesome to discover your site on the web as it really those ones who are just starting to explore the topic it outsourcing services

  2. This comment has been removed by the author.

  3. With regards to games, the more they look genuine, a more immersive ordeal they give.click to find out more

  4. شركة مكافحة حشرات بالرياض شركة مكافحة حشرات بالرياض
    شركة عزل اسطح بالرياض شركة عزل اسطح بالرياض
    شركة تنظيف بالبخار بالرياض شركة تنظيف بالبخار بالرياض
    شركة تنظيف منازل بمكة شركة تنظيف منازل بمكة
    شركة تنظيف منازل شمال الرياض شركة تنظيف منازل شمال الرياض
    شركة تنظيف منازل شرق الرياض شركة تنظيف منازل شرق الرياض
    شركات رش مبيدات بالرياض شركة رش مبيدات بالرياض

  5. Thank you for sharing this valuable information with us. I will return to your site and continue to share this information with us.
    happy wheels 2

  6. Really very important article for me if you are facing any technical problem with your PC or mobile you can visit us for a better solution Geek squad support provide the best technical support for all kinds of a technical problem Geek squad tech support

  7. you should modify the root files and edit their command to remove the error.world of warcraft down

  8. if you are searching for the QuickBooks tech support then you are at right place.

  9. Then you are at right place with good indeed getinkpreferred

  10. Online psychology essay writing services are very difficult to complete and many students are always searching for Help with Psychology Coursework Writing services to help them complete their psychology research paper writing services and psychology case study writing services.

  11. Wales publishers are offering optimized, Best Publication Services in UK to boost the researcher and research communities, by providing accelerated and efficient services to fasten the publishing process and to give more opportunities for research on different disciplines.Wales publication research conferences give the researchers an international platform to discuss their scientific research Open Access Publishing UK work and their edges.We are different from other conferences because the community's member organizes our conferences.