This document summarizes a new advanced trojan called Backdoor.AndroidOS.Obad.a that targets Android devices. It exploits two previously unknown Android platform vulnerabilities to install itself and gain administrative privileges without being detectable to users. Once installed, it can steal private user data, send text messages to premium numbers, and download and execute new code received from its command center server. It also uses tricks to remain undetected like locking the screen during certain commands. While its spread is currently narrow, its complexity makes it a very dangerous threat similar to advanced Windows malware.
Malware targeting the Android platform is not a new topic, and the emergence of a new threat is no longer news, but the Trojan discovered by Kaspersky Labs stands out for its ingenuity and complexity, making it the most advanced threat discovered so far on Google's platform. Called Backdoor.AndroidOS.Obad.a, this multifunctional Trojan exploits two vulnerabilities in the Android platform that were unknown until now.

Initial installation uses the first security vulnerability, in the declaration of the program structure, a necessary component of any Android application. After this stage, the Trojan exploits a second security flaw to grant itself administrative rights without being registered in the list under Settings > Security > Device Administrators, as other security applications are. Together with the fact that the application has no icon or interface, this makes it impossible to remove and very difficult to detect. In addition, by using the first vulnerability from the installation stage and some bugs in the code conversion application DEX2JAR, the Trojan makes it very difficult to analyze the code, either directly on the phone or on a computer.

After completing these first two steps, the application tries to gain root access, although this is not mandatory and is needed only for specific operations. The application first collects various private data, such as the phone number, IMEI, Bluetooth interface MAC address, and local time and date, which it then sends to a command center. After activation, the application tries to contact and infect other phones nearby by sending them an infected file via Bluetooth. Once the application has taken over the phone and connected to the command center, it can be used for various operations, such as sending text messages to premium-rate numbers, copying personal data (including personal banking data), acting as a proxy server, downloading and installing new code, or locally executing commands sent by the server.
In addition, the application uses all kinds of tricks, such as locking the screen while running certain commands, which could fool a user who pays no attention to such details, or decrypting certain software modules only after online authentication with the command center. Kaspersky Labs says that Backdoor.AndroidOS.Obad.a has a narrow spread at the moment, but its complexity, rather reminiscent of Windows Trojans, makes it an interesting and very dangerous product. The company has already sent Google data about the two newly discovered security holes, which is why their mode of operation is described so succinctly.