Android researchers find the most "sophisticated" Android Trojan yet

Android researchers find the most
Kaspersky researcher Roman Unuchek said duringlast week that his group has discovered the most sophisticated Android Trojan yet. Called Backdoor.AndroidOS.Obad.a, this nasty piece of work can send SMS to premium numbers to rack up the ol' phone bill, download other malware programs, install the malware on the infected phone and spread it via Bluetooth to other nearby handsets. As we said it is just plain nasty.

And not only is it complex, the malware is hard to find. Researcher Unuchek says "malware writers typically try to make the codes in their creations as complicated as possible… it is rare to see concealment as advanced as Odad.a’s in mobile malware." A previously unknown vulnerability in Android prevents the malware from being deleted once it obtains Device Administrator privileges.

Once extended Device Administrator privileges, the screen goes blank for 10 seconds after the device is connected to a free Wi-Fi network or Bluetooth is activated. Once it detects a connection, the Trojan copies itself and other malicious apps and sets up house in other nearby units. Kaspersky has already informed Google so hopefully some security patches can be sent to prevent the unaffected from catching this rather ugly strain of malware.


source: SecureList via AndroidPolice, BGR

FEATURED VIDEO

36 Comments

1. WHoyton1

Posts: 1635; Member since: Feb 21, 2013

Jeez, I'm scared now.....

5. RaKithAPeiRiZ

Posts: 1488; Member since: Dec 29, 2011

PRISM is worse ,

7. anywherehome

Posts: 971; Member since: Dec 13, 2011

Yes, it just means if you are stupid enough to install and confirm permissions of a bad app , you have have a bad app in your phone Still much better security than windows or iOS

11. rantao333

Posts: 346; Member since: May 21, 2013

yea, much more better as android account for roughly 80% - 95% of the mobile malware & virus attack.

18. anywherehome

Posts: 971; Member since: Dec 13, 2011

More attacks on Android still can and MEAN iOS is the most vulnerable OS in the world, just read the articles about poor security of all the Apple's product especially iOS ;-) Search "iPhones most vulnerable among smartphones" Of you are not stupid almost not any attacker gets into your Android

26. rantao333

Posts: 346; Member since: May 21, 2013

yea, u r right, i rather buy a smartphone with the "most secure mobile os" and get the highest chances of getting attack by virus. :) am i smart enough?

27. VZWuser76

Posts: 4974; Member since: Mar 04, 2010

Just like in the PC market, people who create viruses are going after marketshare, they want to reach the highest number of end users. Especially in this case where they will get money through the premium sms texts.

9. ihatesmartphone unregistered

Google!!! How come this thing can happen!!! ...:(

10. boosook

Posts: 1442; Member since: Nov 19, 2012

you get a dialog which tells you that the application wants to acquire administrator privileges and you have to confirm, so it's not all google's fault... ;-)

14. ihatesmartphone unregistered

ok..' I feel safe now....:)

21. pixelado

Posts: 130; Member since: Feb 16, 2013

Much like superuser/root applications, I see.

28. abate

Posts: 43; Member since: Dec 19, 2012

A second vulnerability allowed Obad’s authors to obtain extended Device Administrator privileges on infected devices, without appearing on the list of applications which have such privileges. As a result, Unuchek said that it wasn’t possible to delete Obad from the infected Android device after it gained the extended privileges. Obad malware collects a wealth of information from the device, which is passed back to Internet-based command and control (C&C) servers, Kaspsersky said.

25. android_sucks

Posts: 111; Member since: Jul 28, 2011

Because android is soooooooo open!!! The price that you pay for that openness is vulnerability of your device.

2. Topcat488

Posts: 1416; Member since: Sep 29, 2012

Ain't nuttin like that FREE wifi, too catch a dirty ole virus... Nothings for free in Mans' World.

3. yowanvista

Posts: 341; Member since: Sep 20, 2011

And that isn't automatically installed, a stupid user must still press on 'install' and grant the requested permissions for that thing to work. Most users don't even have 'unknown sources' enabled so it's basically harmless to the average Android user unless some are retarded enough to allow in a suspicious app.

22. pixelado

Posts: 130; Member since: Feb 16, 2013

So much hate towards your post considering it's all true. Perhaps they're hating on your rough language. Just saying.

35. tedkord

Posts: 17365; Member since: Jun 17, 2009

People hate truth when it clashes with their world view.

4. Hammerfest

Posts: 384; Member since: May 12, 2012

Come on... with that name is literally SCREAMS to anyone with common sense... oh, thats right, common sense has left the building!

6. Sniggly

Posts: 7305; Member since: Dec 05, 2009

And how would we get this malware? Is it on the Play Store? Thought not. But seriously, who has the time and the motivation to write this s**t? I'm still convinced that antivirus companies have at least some involvement.

8. EXkurogane

Posts: 863; Member since: Mar 07, 2013

It's not just a smartphone OS, but desktop OS itself - i have no clue how people can get malware easily. I dont even have a 3rd party antivirus/antimalware program in my computers. No Kaspersky, no McAfee, no AVG or Avira, or whatever name you could think of. Just the stock security essentials included in the OS.

31. JEverettnow

Posts: 228; Member since: Mar 11, 2013

I have been using my Windows 7 for awhile now on the stock security essentials and never got a virus or malware. My computer runs smooth and fast. My phones are the same way. I just have never had a virus on Android

12. JunitoNH

Posts: 1946; Member since: Feb 15, 2012

Time for the little robot gets its oil change. Anyway, besides the above advise, you also have to be foolish to conduct business transactions on an Android device.

36. tedkord

Posts: 17365; Member since: Jun 17, 2009

You have to be foolish to believe that. S little common sense is all it takes to be safe on Android. Its not like a PC where unattended installs can occur from email attachments, etc. Its sandboxed.

13. percy55

Posts: 1; Member since: Feb 23, 2013

There is a joke that once upon a time there was a village where there was no police station so the goverment decided to set up one. This was opposed tooth and nail by the villagers. The government officials were surprised by the behaviour of the people. So a Government representative was sent to know the reason for the peoples resenment for a Police Station. To everyone surprise the reason the villagers gave for opposing the police station was as follows . The villagers said that at the moment there was no crime in and around their village, however if a police station came up then all sorts of crime will start taking place. So is it that tje same hold true for the antivirus companies !! Somebody is creating malicious software. Just joking you know !!

16. haseebzahid

Posts: 1853; Member since: Feb 22, 2012

if this virus is that much powerful and complex i bet high level of integence Organizations are stake holders in it

15. haseebzahid

Posts: 1853; Member since: Feb 22, 2012

OMG Dad of all moblie.Bombs no wait its Adhoc Virus + its gonna Zombiefy the Zone where it infects so people gonna have zombified phones now who knows :O

19. pixelado

Posts: 130; Member since: Feb 16, 2013

Well, I'll be waiting for a list of compromised apps and whether these can be gotten straight from the Play Store or not.

20. OpTiMuS_BlAcK

Posts: 418; Member since: May 04, 2012

I'd doubt that it'll get on mine but I'd still love that security patch~

23. pixelado

Posts: 130; Member since: Feb 16, 2013

I wonder how is this "patch" going to be delivered to end users.

30. JEverettnow

Posts: 228; Member since: Mar 11, 2013

I bet Kaspersky created this one. I have been using Android devices for about 4 years now and have never once got a virus. Anybody else ever get a known virus and not just an advertisement in the notifications bar?

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.