{"id":9630,"date":"2013-03-27T11:00:22","date_gmt":"2013-03-27T16:00:22","guid":{"rendered":"http:\/\/bucktownbell.com\/?p=9630"},"modified":"2013-03-27T11:00:22","modified_gmt":"2013-03-27T16:00:22","slug":"android-trojan-found-in-targeted-attack","status":"publish","type":"post","link":"http:\/\/bucktownbell.com\/?p=9630","title":{"rendered":"Android Trojan Found in Targeted Attack"},"content":{"rendered":"<blockquote><p>After the installation, an application named &#8220;Conference&#8221; appears on the desktop<\/p><\/blockquote>\n<p>via <a href=\"http:\/\/www.securelist.com\/en\/blog\/208194186\/Android_Trojan_Found_in_Targeted_Attack\">Android Trojan Found in Targeted Attack &#8211; Securelist<\/a>.<\/p>\n<p>Some sort of malware for android is in the wild.\u00a0 Theoretically any app one loads on any computer can be malicious.\u00a0 This was spread via email but the next line highlights something:<\/p>\n<blockquote><p><strong>If the victim launches this app,<\/strong> he will see text which &#8220;enlightens&#8221; the information about the upcoming event:<\/p><\/blockquote>\n<p>Note the highlighted text.\u00a0 If you don&#8217;t want to become a victim don&#8217;t launch applications unless you know why they are there.\u00a0 Here is the extent of damage to this piece of malware:<\/p>\n<blockquote><p>While the victim reads this fake message, the malware secretly reports the infection to a command-and-control server. After that, it begins to harvest information stored on the device. The stolen data includes:<\/p>\n<ul>\n<li>Contacts (stored both on the phone and the SIM card).<\/li>\n<li>Call logs.<\/li>\n<li>SMS messages.<\/li>\n<li>Geo-location.<\/li>\n<li>Phone data (phone number, OS version, phone model, SDK version).<\/li>\n<\/ul>\n<\/blockquote>\n<p>A lot of legitimate applications transmit this information back to home base.\u00a0 I don&#8217;t see this piece of malware being that big of a deal.\u00a0 Rule of thumb:\u00a0 Don&#8217;t install any .apk files from untrusted sources &#8212; like random emails.\u00a0 If you do happen to install a malicious application, don&#8217;t open any app unless you know what it is and why it is there.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>After the installation, an application named &#8220;Conference&#8221; appears on the desktop via Android Trojan Found in Targeted Attack &#8211; Securelist. Some sort of malware for android is in the wild.\u00a0 Theoretically any app one loads on any computer can be &hellip; <a href=\"http:\/\/bucktownbell.com\/?p=9630\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1078],"tags":[48,347],"class_list":["post-9630","post","type-post","status-publish","format-standard","hentry","category-applications","tag-android","tag-malware"],"_links":{"self":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/9630","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=9630"}],"version-history":[{"count":0,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/9630\/revisions"}],"wp:attachment":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=9630"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=9630"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=9630"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}