The Latest in IT Security

New Android Malware Spotted on Third Party App Markets

09
Aug
2012

A new Android malware has been found on third party Android markets. Symantec has identified 18 apps that have been Trojanized with the threat and added detection as Android.Vdloader.
 


Figure 1. List of malicious apps identified
 

A 3D waterfall wallpaper may be displayed after the threat is installed.
 


Figure 2. 3D Waterfall wallpaper displayed after installation
 

The threat is appended to legitimate apps to trick users into downloading and installing it. Once installed, it sends potentially confidential information, such as IMEI, IMSI, compromised device’s phone number, network type, phone type, the name of existing apps installed on the compromised device, and the malicious package that contains the threat, to aabbccddee.com:8080/p.jsp. The server still appears to be accessible. Moreover, the threat also connects to the server to receive commands that include sending SMS messages and downloading additional APKs. Like a lot of other Android malware, the purpose is to charge the victim for premium text messages as well as to download more malware onto the compromised device. However, our analysis indicates that the malware will unable to send SMS messages because of a flaw in the code.
 


Figure 3.
App sending information to aabbccddee.com:8080

As always, Symantec recommends that you only download apps from legitimate and trusted sources and always be suspicious of unusual activity and behavior.

Leave a reply


Categories

TUESDAY, MARCH 19, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments