Trojanized Security Tool Serves as Backdoor App
I recently posted an entry about Trojanized applications that were found in the Android Market. About 50 repackaged versions of legitimate apps were pulled from the Android Market after being found infected with AndroidOS_LOTOOR.A. AndroidOS_LOTOOR.A steals mobile device information as well as gives unauthorized users root access to an infected device.
As course of action, Google pulled the applications from the Android Market, remotely removed the Trojanized apps from users’ devices, and deployed the Android Market Security Tool—a tool that reverses the modifications done by AndroidOS_LOTOOR.A and prevents the device from sending out device information.
Of course, what must come along but a Trojanized version of the very same application that Google released to protect users from Trojanized applications. While the legitimate application prevents information theft, AndroidOS_BGSERV.A does the opposite. It acts as a backdoor application that gathers device information and sends this to a remote URL. It also keeps a log of its routines, which it then sends to the same URL, enabling its proponents to keep track of its activities. The Trojanized application also performs functions and actions without the user’s authorization. These routines include modifying call logs, intercepting or monitoring messages, and downloading videos.
 |
 |
 |
 |
Several other new Android malware have been spotted as well, including AndroidOS_SMSREP.A, AndroidOS_FAKEP.A, and AndroidOS_FSPY.A. The increasing proliferation of Android malware clearly indicates that we have not seen the last of Trojanized apps. Users should thus continue exercising caution when installing and downloading applications.
Trend Micro offers security for Android mobile devices through Mobile Security for Android™.
Post from: TrendLabs | Malware Blog – by Trend Micro
Trojanized Security Tool Serves as Backdoor App
Spotlight
Cloud Computing
- US makes large investment in cyber weaponry
- Wall Street has data security concerns over Bloomberg reporting
- Security in backups means more than just encryption
- Employees must buy into the company policy for better cloud security
Virtualization
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Internet Safety
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Vulnerabilities & Exploits
CTO Insights
First Line of Defense
Newsletter
Stay up to date with the latest news and information on online threats.
Recent News
- Cloud security group develops third-party certification program
- US makes large investment in cyber weaponry
- SEC may ask for more information after cyberattacks
- FBI trying to train financial execs on cyber threats
Tag Cloud
cloud cloud computing cloud computing security Cloud Security Compliance & Regulations Consumerization Current News cybercrime Data Privacy data security Encryption Government Policy Internet Protection Internet Safety Internet Safety - DO NOT USE Internet Security Malware Mobile Security Mobility Policy Policy - DO NOT USE Privacy Privacy & Policy Private Cloud Public Cloud Reports Research Spotlight threat intelligence threat research Trend Labs Underground Economy virtualization Vulnerabilities Vulnerabilities - DO NOT USE web security web threats
Comments
No comments yet