Thursday, May 22, 2014
Wednesday, May 14, 2014
Harmful software:android: post 2
Software name:
Gooboot
QQAssistant
GoogleKernel
Package names:
com.android.googlekernel
com.android.googledalvik
com.qq.assistant
Threat type: Trojan
This program will send text messages to premium numbers. Because of this you will be charged for the message sent
When installing this software it will ask for the following permissions
Change network connectivity state.
Allows applications to write the apn settings.
clear user data.
Create new SMS messages.
Open network connections.
Create new contact data.
Send SMS messages.
Allow access to low-level power management.
Access information about networks.
Get information about the currently or recently
running tasks.
Delete packages.
Read or write the secure system settings.
Write to external storage devices.
Start once the device has finished booting.
Install packages.
Initiate a phone call without using the Phone UI or
requiring confirmation from the user.
Read or write to the system settings.
Check the phone's current state.
Read SMS messages on the device.
Access information about the WiFi state.
Prevent processor from sleeping or screen from
dimming.
Change Wi-Fi connectivity state.
Monitor incoming SMS messages.
Read user's contacts data.
Clear the caches of all installed applications on
the device.
Mount and unmount file systems for removable
storage.
To remove this Trojan do the following steps
Open the Google Android Menu.
Go to the Settings icon and select Applications .
Next, select Manage .
Select the application and select Uninstall .
Monday, May 12, 2014
Harmful Software : Android post 1 : Dendroid
Package Name : com.parental.control.v4
Threat type : Trojan
According to Symantec, this trojan will ask you the following permissions to install
- Open network connections
- Read SMS messages on the device
- Create new SMS messages
- Access the list of accounts in the Accounts Service
- Read (but not write) the user's browsing history and bookmarks
- Access information about networks
- Read user's contacts data
- Access the precise location from location sources such as GPS, cell towers, and Wi-Fi
- Obtain information about the currently or recently running tasks
- Prevent processor from sleeping or screen from dimming
- Initiate a phone call without using the Phone UI or requiring confirmation from the user
- Send SMS messages
- Read or write to the system settings
- Check the phone's current state
- Write to external storage devices
- Access the camera device
- Record audio
- Monitor, modify, or end outgoing calls
- Monitor incoming SMS messages
The Trojan may perform the following actions:
- Call a phone number
- Record phone calls
- Record audio
- Delete the call log
- Obtain the call log
- Steal contact information
- Block SMS messages
- Delete SMS messages
- Send SMS messages
- Obtain the content of SMS messages in the Inbox and the Sent folder
- Take photos
- Take video
- Open an application
- Obtain a list of installed applications
- Open a URL
- Obtain browser bookmarks
- Obtain the browser history
- Delete specified files
- Upload files to a server
- Upload pictures to a server
- Perform an HTTP Flood on a specified URL
- Change the command-and-control server(C&C)
- Update itself
Be aware of this software because it will target your phone and will make your phone unusable. But you can uninstall this easily by the following steps
- Open the Google Android Menu.
- Go to the Settings icon and select Applications.
- Next, select Manage.
- Select the application and select Uninstall.