Kaspersky Lab experts did their jobs and luckily identified the most advanced Trojan ever seen on the Android OS. Its complexity makes it look more like a Windows virus. Backdoor.AndroidOS.Obad.a, as it was named, takes advantage of many vulnerabilities in the system and tries to access your account balance, download outside files or even call premium-service numbers that can inflate your costs a lot.

The experts could immediately tell that there was something wrong with the app, as it had very complex code concealment that made the decryption a lot more difficult than expected. The Trojan takes advantage of a vulnerability in the AndroidManifest.xml file, modifying the app in a way that goes against Google's standards, which makes it even harder to analyze.

Another vulnerability in the system lets the virus app gain Device Administrator privileges while not being listed with the other apps that have such privileges. This makes it impossible to delete the app once installed. Also, you won't be able to access anything from this app, as it runs completely in the background.

Here is the complete list of what Kaspersky experts say the virus can do:

- Send text message. Parameters contain number and text. Replies are deleted.
- PING.
- Receive account balance via USSD.
- Act as proxy (send specified data to specified address, and communicate the response).
- Connect to specified address (clicker).
- Download a file from the server and install it.
- Send a list of applications installed on the smartphone to the server.
- Send information about an installed application specified by the C&C server.
- Send the user’s contact data to the server.
- Remote Shell. Executes commands in the console, as specified by the cybercriminal.
- Send a file to all detected Bluetooth devices.

Luckily, the experts have said that despite the virus's complexity, it is not widespread at all. Google was also notified of these vulnerabilities, and hopefully we won't come in contact with such viruses any time soon.

Source.