x PhoneArena is looking for new authors! To view all available positions, click here.
  • Home
  • News
  • Android researchers find the most "sophisticated" Android Trojan yet

Android researchers find the most "sophisticated" Android Trojan yet

Posted: , by Alan F.

Tags:

Android researchers find the most
Kaspersky researcher Roman Unuchek said duringlast week that his group has discovered the most sophisticated Android Trojan yet. Called Backdoor.AndroidOS.Obad.a, this nasty piece of work can send SMS to premium numbers to rack up the ol' phone bill, download other malware programs, install the malware on the infected phone and spread it via Bluetooth to other nearby handsets. As we said it is just plain nasty.

And not only is it complex, the malware is hard to find. Researcher Unuchek says "malware writers typically try to make the codes in their creations as complicated as possible… it is rare to see concealment as advanced as Odad.a’s in mobile malware." A previously unknown vulnerability in Android prevents the malware from being deleted once it obtains Device Administrator privileges.

Once extended Device Administrator privileges, the screen goes blank for 10 seconds after the device is connected to a free Wi-Fi network or Bluetooth is activated. Once it detects a connection, the Trojan copies itself and other malicious apps and sets up house in other nearby units. Kaspersky has already informed Google so hopefully some security patches can be sent to prevent the unaffected from catching this rather ugly strain of malware.

Kaspersky Research says it has found the most sophisticated Android Trojan
Kaspersky Research says it has found the most sophisticated Android Trojan
Kaspersky Research says it has found the most sophisticated Android Trojan

Kaspersky Research says it has found the most sophisticated Android Trojan


source: SecureList via AndroidPolice, BGR

36 Comments
  • Options
    Close




posted on 08 Jun 2013, 04:46

1. WHoyton1 (Posts: 1627; Member since: 21 Feb 2013)


Jeez, I'm scared now.....

posted on 08 Jun 2013, 05:12 6

5. RaKithAPeiRiZ (Posts: 1353; Member since: 29 Dec 2011)


PRISM is worse ,

posted on 08 Jun 2013, 05:17 5

7. anywherehome (Posts: 971; Member since: 13 Dec 2011)


Yes, it just means if you are stupid enough to install and confirm permissions of a bad app , you have have a bad app in your phone

Still much better security than windows or iOS

posted on 08 Jun 2013, 06:36 4

11. rantao333 (Posts: 256; Member since: 21 May 2013)


yea, much more better as android account for roughly 80% - 95% of the mobile malware & virus attack.

posted on 08 Jun 2013, 09:49 4

18. anywherehome (Posts: 971; Member since: 13 Dec 2011)


More attacks on Android still can and MEAN iOS is the most vulnerable OS in the world, just read the articles about poor security of all the Apple's product especially iOS ;-)
Search "iPhones most vulnerable among smartphones"
Of you are not stupid almost not any attacker gets into your Android

posted on 08 Jun 2013, 10:44

26. rantao333 (Posts: 256; Member since: 21 May 2013)


yea, u r right, i rather buy a smartphone with the "most secure mobile os" and get the highest chances of getting attack by virus. :)

am i smart enough?

posted on 08 Jun 2013, 11:01

27. VZWuser76 (Posts: 1579; Member since: 04 Mar 2010)


Just like in the PC market, people who create viruses are going after marketshare, they want to reach the highest number of end users. Especially in this case where they will get money through the premium sms texts.

posted on 08 Jun 2013, 06:21 5

9. ihatesmartphone (unregistered)


Google!!!
How come this thing can happen!!! ...:(

posted on 08 Jun 2013, 06:30 8

10. boosook (Posts: 1035; Member since: 19 Nov 2012)


you get a dialog which tells you that the application wants to acquire administrator privileges and you have to confirm, so it's not all google's fault... ;-)

posted on 08 Jun 2013, 07:37

14. ihatesmartphone (unregistered)


ok..'
I feel safe now....:)

posted on 08 Jun 2013, 10:18

21. pixelado (Posts: 130; Member since: 16 Feb 2013)


Much like superuser/root applications, I see.

posted on 08 Jun 2013, 11:15

28. abate (Posts: 43; Member since: 19 Dec 2012)


A second vulnerability allowed Obad’s authors to obtain extended Device Administrator privileges on infected devices, without appearing on the list of applications which have such privileges. As a result, Unuchek said that it wasn’t possible to delete Obad from the infected Android device after it gained the extended privileges.

Obad malware collects a wealth of information from the device, which is passed back to Internet-based command and control (C&C) servers, Kaspsersky said.

posted on 08 Jun 2013, 10:35 2

25. android_sucks (Posts: 111; Member since: 28 Jul 2011)


Because android is soooooooo open!!! The price that you pay for that openness is vulnerability of your device.

posted on 08 Jun 2013, 04:56 1

2. Topcat488 (Posts: 1162; Member since: 29 Sep 2012)


Ain't nuttin like that FREE wifi, too catch a dirty ole virus... Nothings for free in Mans' World.

posted on 08 Jun 2013, 04:58 5

3. yowanvista (Posts: 306; Member since: 20 Sep 2011)


And that isn't automatically installed, a stupid user must still press on 'install' and grant the requested permissions for that thing to work. Most users don't even have 'unknown sources' enabled so it's basically harmless to the average Android user unless some are retarded enough to allow in a suspicious app.

posted on 08 Jun 2013, 10:20 1

22. pixelado (Posts: 130; Member since: 16 Feb 2013)


So much hate towards your post considering it's all true.

Perhaps they're hating on your rough language. Just saying.

posted on 08 Jun 2013, 15:38

35. tedkord (Posts: 4947; Member since: 17 Jun 2009)


People hate truth when it clashes with their world view.

posted on 08 Jun 2013, 05:12 2

4. Hammerfest (Posts: 369; Member since: 12 May 2012)


Come on... with that name is literally SCREAMS to anyone with common sense... oh, thats right, common sense has left the building!

posted on 08 Jun 2013, 05:14 6

6. Sniggly (Posts: 7118; Member since: 05 Dec 2009)


And how would we get this malware? Is it on the Play Store? Thought not.

But seriously, who has the time and the motivation to write this s**t? I'm still convinced that antivirus companies have at least some involvement.

posted on 08 Jun 2013, 05:36 1

8. EXkurogane (Posts: 863; Member since: 07 Mar 2013)


It's not just a smartphone OS, but desktop OS itself - i have no clue how people can get malware easily. I dont even have a 3rd party antivirus/antimalware program in my computers. No Kaspersky, no McAfee, no AVG or Avira, or whatever name you could think of. Just the stock security essentials included in the OS.

posted on 08 Jun 2013, 12:23

31. JEverettnow (Posts: 202; Member since: 11 Mar 2013)


I have been using my Windows 7 for awhile now on the stock security essentials and never got a virus or malware. My computer runs smooth and fast. My phones are the same way. I just have never had a virus on Android

posted on 08 Jun 2013, 07:29

12. JunitoNH (Posts: 930; Member since: 15 Feb 2012)


Time for the little robot gets its oil change. Anyway, besides the above advise, you also have to be foolish to conduct business transactions on an Android device.

posted on 08 Jun 2013, 16:25

36. tedkord (Posts: 4947; Member since: 17 Jun 2009)


You have to be foolish to believe that. S little common sense is all it takes to be safe on Android. Its not like a PC where unattended installs can occur from email attachments, etc. Its sandboxed.

posted on 08 Jun 2013, 07:36 1

13. percy55 (Posts: 1; Member since: 23 Feb 2013)


There is a joke that once upon a time there was a village where there was no police station so the goverment decided to set up one. This was opposed tooth and nail by the villagers. The government officials were surprised by the behaviour of the people. So a Government representative was sent to know the reason for the peoples resenment for a Police Station. To everyone surprise the reason the villagers gave for opposing the police station was as follows . The villagers said that at the moment there was no crime in and around their village, however if a police station came up then all sorts of crime will start taking place. So is it that tje same hold true for the antivirus companies !! Somebody is creating malicious software.

Just joking you know !!

posted on 08 Jun 2013, 08:11 2

16. haseebzahid (Posts: 1833; Member since: 22 Feb 2012)


if this virus is that much powerful and complex i bet high level of integence Organizations are stake holders in it

posted on 08 Jun 2013, 08:07

15. haseebzahid (Posts: 1833; Member since: 22 Feb 2012)


OMG Dad of all moblie.Bombs

no wait its Adhoc Virus + its gonna Zombiefy the Zone where it infects
so people gonna have zombified phones now

who knows :O

posted on 08 Jun 2013, 10:13

19. pixelado (Posts: 130; Member since: 16 Feb 2013)


Well, I'll be waiting for a list of compromised apps and whether these can be gotten straight from the Play Store or not.

posted on 08 Jun 2013, 10:17

20. OpTiMuS_BlAcK (Posts: 411; Member since: 04 May 2012)


I'd doubt that it'll get on mine but I'd still love that security patch~

posted on 08 Jun 2013, 10:21

23. pixelado (Posts: 130; Member since: 16 Feb 2013)


I wonder how is this "patch" going to be delivered to end users.

posted on 08 Jun 2013, 12:20

30. JEverettnow (Posts: 202; Member since: 11 Mar 2013)


I bet Kaspersky created this one. I have been using Android devices for about 4 years now and have never once got a virus. Anybody else ever get a known virus and not just an advertisement in the notifications bar?

posted on 08 Jun 2013, 14:49

32. rusticguy (Posts: 2828; Member since: 11 Aug 2012)


Alan .... a typo right in opening sentence. Please proof read before you post .. or run a spell check in editor of wordpress that this site is based on.

"duringlast " what's that word?

posted on 08 Jun 2013, 15:23

34. kozza3 (Posts: 574; Member since: 17 Oct 2012)


these comments are more irritating than the actual typo...

posted on 08 Jun 2013, 20:10

37. rusticguy (Posts: 2828; Member since: 11 Aug 2012)


Great so change your fuse :)

posted on 08 Jun 2013, 15:05

33. Sondae (Posts: 190; Member since: 02 Jan 2013)


This is one scary virus that has been brought to android.

posted on 09 Jun 2013, 00:52

38. Trex95 (Posts: 553; Member since: 03 Mar 2013)


Let's be honest Android need re-written again.

posted on 09 Jun 2013, 01:08

39. crazymonkey05 (Posts: 155; Member since: 20 Nov 2012)


Android is probably one of the most secure OS's in the world mainly because of the Linux base but if you keep unknown sources off and don't install 3rd party apps and you will be safe and sound

Want to comment? Please login or register.

Latest stories