[Information] Status for Android-based mobile malicious file

1. Introduction

Based on our analysis about malicious files for Android, the number of files is exponentially increasing from June 2011.
It means that the number of Android user is rapidly increasing.
Actually the real damage case hasn't been reported in South Korea so far, however, it has great possibility to threat for foreigner user.
Therefore, users need to be careful on using this kind of applications.

2. Related information

Against the security threats especially on Android-based malicious file, INCA Internet has distributed Anti-Virus application for Android and given various information to public.

The trend of spreading technique of Android malicious file is continuously sophisticated and even delicate. The starting point of generating malicious file was for curious on certain atmosphere or for being proven certain concept; however, the aim for file can be easily diverted for malicious way.
On both quality and quantity, attacking technique is still evolving.

Step 1 is the data on victim's smartphone of anonymous user.
Step 2 is that its changing its for as a cybercrime for its purpose including inducing payment.
Finally, step 3 can be changed Zombie Phone for DDoS, chasing GPS, C&C Smart Server or even APT(Advance Persistent Threat).

* Status of collected malicious file and update.

Following graph is for our INCA Internet's 2011's collected files.

Based on graph, the number of samples had been rapidly increasing from Sep 2011 so far.

INCA Internet's nProtect Mobile for Android including detect and treat functions has been distributed free of charge.
Besides, Android phone users need to be careful on installation from being infected by malicious files.

3. Finishing

While installing application, we recommend you use official market, check requiring permission, and submit file if suspicious. To use smartphone safely from security threats of these malicious applications, we recommend following tips "Smartphone security management tips" for general users.

Smartphone security management tips

1. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
2. Download the proven application by multiple users at all times.
3. Use mobile anti-virus SW to check downloaded application before using it.
4. Do not visit suspicious or unknown site via smartphone.
5. Try not to see MMS, text, e-mail from uncertain user.
6. Set strong password on smartphone always.
7. Turn the wireless interfaces like Bluetooth only be used.
8. Do not save important information on phone.
9. Do not try illegal customizing like rooting or jailbreak.

INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function with “nProtect Mobile for Android” for mobile such as malicious file stated above and runs responding system against various security threats.


  1. Pimphony

    Excellent Blog every one can get lots of information for any topics from this blog nice work keep it up.

  2. Highster app offers business owners control – the monitoring and tracking of a mobile phone device in stealth mode, have a look at this link for more information.

  3. Thank you for such informative Posts , cyber crimes are increasing in a steady rate and security poilicies should be practiced by everyone .



    Positive site, where did u come up with the information on this posting?I have read a few of the articles on your website now,

  5. Gradient-based learning applied to document recognition. Proceedings of ... A hybrid malware detecting scheme for mobile Android applications.



  6. it’s the ip address of most of the Belkin and SMC models.


  7. Routers are the most important devices that are required to get the internet connectivity. There are many brands and router models around the globe. Most people use multiple brand routers, they don't know how to configure them for the perfect usage. Here at Vist my site we have all the manuals for configuring the router login pages.

  8. Wales publications are well-known publishing solution providers in various disciplines in the UK, Wales Publications serving to scientific organizations worldwide. Contact us for further information and know our best services and deals to achieve your goal.The fast submission process includes rapid publication research in UK that includes unique rapid process, inhouse peer review and 100% acceptance guarantee.


  9. 192.168.1254

    IP address can be used to change the name of the Wi-Fi, control the number of devices that are connected at a time to the network and much more.


  10. This is default IP address that is used by most of the router companies like the PTCL, TP-Link, D-Link, in order to access the admin page of the router