Android Trojan Found in Targeted Attack

After the installation, an application named “Conference” appears on the desktop

via Android Trojan Found in Targeted Attack – Securelist.

Some sort of malware for android is in the wild.  Theoretically any app one loads on any computer can be malicious.  This was spread via email but the next line highlights something:

If the victim launches this app, he will see text which “enlightens” the information about the upcoming event:

Note the highlighted text.  If you don’t want to become a victim don’t launch applications unless you know why they are there.  Here is the extent of damage to this piece of malware:

While the victim reads this fake message, the malware secretly reports the infection to a command-and-control server. After that, it begins to harvest information stored on the device. The stolen data includes:

  • Contacts (stored both on the phone and the SIM card).
  • Call logs.
  • SMS messages.
  • Geo-location.
  • Phone data (phone number, OS version, phone model, SDK version).

A lot of legitimate applications transmit this information back to home base.  I don’t see this piece of malware being that big of a deal.  Rule of thumb:  Don’t install any .apk files from untrusted sources — like random emails.  If you do happen to install a malicious application, don’t open any app unless you know what it is and why it is there.