Scribd
Upload
563 views1 page

Advanced Android Trojan: Obad.a

This document summarizes a new advanced trojan called Backdoor.AndroidOS.Obad.a that targets Android devices. It exploits two previously unknown Android platform vulnerabilities to install itself and gain administrative privileges without being detectable to users. Once installed, it can steal private user data, send text messages to premium numbers, and download and execute new code received from its command center server. It also uses tricks to remain undetected like locking the screen during certain commands. While its spread is currently narrow, its complexity makes it a very dangerous threat similar to advanced Windows malware.

Uploaded by

yulika_v
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
563 views1 page

Advanced Android Trojan: Obad.a

This document summarizes a new advanced trojan called Backdoor.AndroidOS.Obad.a that targets Android devices. It exploits two previously unknown Android platform vulnerabilities to install itself and gain administrative privileges without being detectable to users. Once installed, it can steal private user data, send text messages to premium numbers, and download and execute new code received from its command center server. It also uses tricks to remain undetected like locking the screen during certain commands. While its spread is currently narrow, its complexity makes it a very dangerous threat similar to advanced Windows malware.

Uploaded by

yulika_v
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd

[Link].

a - most advanced trojan for Android platform


Malware targeting the Android platform is not a new topic, and the emergence of a new threat is
no longer a hot topic, but the rojan discovered b! "aspersk! #abs is characteri$ed b! ingenuit!
and comple%it!, which is the most advanced threat ever discovered on &oogle platform.
'alled [Link].a, multifunctional trojan e%ploits two vulnerabilities of the
Android platform that were unknown until now. (nitial installation uses a first securit!
vulnerabilit! in the declaration of the program structure, necessar! component of an! Android.
After this stage, the rojan e%ploits a second securit! breach and its assigns administrative rights
but without registering in the list of menu Settings ) Securit! ) *evice Administrators, as do other
securit! applications, which, together with the fact that the application does not have an icon or
interface makes impossible to remove and ver! difficult to detect.
(n addition, using the first vulnerabilit! used during installation and some bugs in the code
conversion application *+,-.A/, the rojan make ver! difficult to anal!$e the code directl! on
the phone or on computer.
After completing these first two steps, the application tries to gain root access, but this is not
necessar! onl! for specific operations. he application will first collect various private data such
as phone number, (M+(, Bluetooth interface MA' address, name of local time and date, which
then sends to a command center. After activation, the application tries to contact and infect other
phones around, sending them via Bluetooth an infected file.
Once the application has taken over the phone and was able to connect to the command center, it
can be used for various operations, such as sending te%t messages to premium rate numbers,
copies of personal data, including bank personal data, use as a pro%! server, download and install
new code or local e%ecution of commands sent b! the server. (n addition, the application uses all
kinds of tricks, such as lock screen when running certain commands, which could fool an
unsuspecting user to such details, or decr!pt certain software modules onl! after authentication
local command center online.
"aspersk! #abs sa!s that [Link].a has a narrower spread at the moment, but
its comple%it!, rather reminiscent of 0indows rojans, makes an interesting and ver! dangerous
product. he compan! has alread! sent to &oogle data about the two newl! discovered securit!
holes, this being the reason for their mode of operation described so succinctl!.

You might also like